WarGame/DoomRiderz has reported a vulnerability in Alice Gate2 Plus Wi-Fi, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks.
The vulnerability is caused due to the device allowing users to perform certain actions via HTTP requests, without checking the validity of the request or proper authentication of the user sending the request. This can be exploited by malicious people to e.g. disable the encryption of the wireless network by tricking a user into visiting a malicious site.
Solution: Visit trusted sites only. Use a firewall to restrict access to the affected device.
Provided and/or discovered by: WarGame/DoomRiderz
Original Advisory: http://vx.netlux.org/wargamevx/
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Alice Gate2 Plus Wi-Fi Cross-Site Request Forgery Vulnerability
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.