Thomson TWG850 Cable Modem Authentication Security Bypass

by Carol~ Moderator - 10/12/12 10:29 AM

In Reply to: VULNERABILITIES / FIXES - October 12, 2012 by Carol~ Moderator

Release Date : 2012-09-27
Last Update : 2012-10-12

Criticality level : Moderately critical
Impact : Security Bypass
Where : From local network
Solution Status : Vendor Patch

Operating System : Thomson TWG850 Cable Modem

Description:
A security issue has been reported in Thomson TWG850 Cable Modem, which can be exploited by malicious people to bypass certain security restrictions.

The security issue is caused due to missing authentication within the web-based management interface when processing requests with the "/goForm" URL. This can be exploited to alter any configuration setting via HTTP POST requests.

The security issue is reported in versions ST9A.01.05 and ST9A.01.06. Other versions may also be affected.

Solution:
Update to version ST9A.01.12.

Provided and/or discovered by:
Glafkos Charalambous and George Nicolaou

Original Advisory:
http://dl.packetstormsecurity.net/1209-exploits/thomson-bypass.txt

http://secunia.com/advisories/50647
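
To check a fleet against the versions listed above, the following added example (not part of the original post or the Secunia advisory) sorts an inventory of firmware strings into affected, possibly affected, at or above the fix, and unknown. The numeric ordering of version strings, the status names and the sample device names are assumptions made for illustration.

```python
import re

# Version strings come from the advisory; the ordering rule is an assumption.
FIXED = "ST9A.01.12"
REPORTED = ("ST9A.01.05", "ST9A.01.06")
_FORMAT = re.compile(r"^([A-Z0-9]+)\.(\d+)\.(\d+)$")


def parse(version):
    """'ST9A.01.05' -> ('ST9A', 1, 5); None when the string does not fit."""
    m = _FORMAT.match(version.strip().upper())
    return (m.group(1), int(m.group(2)), int(m.group(3))) if m else None


def triage(version):
    """Classify one firmware string against the advisory."""
    v, fixed = parse(version), parse(FIXED)
    if v is None or v[0] != fixed[0]:
        return "unknown"            # other branch or unreadable: check by hand
    if v in {parse(r) for r in REPORTED}:
        return "affected"           # named in the advisory
    if v[1:] < fixed[1:]:
        return "possibly-affected"  # "Other versions may also be affected"
    return "at-or-above-fix"        # assumes later builds keep the fix


def report(inventory):
    """Group device names by status; inventory is (name, firmware) pairs."""
    groups = {}
    for name, firmware in inventory:
        groups.setdefault(triage(firmware), []).append(name)
    return groups


# Constructed sample inventory (device names are made up).
SAMPLE = [
    ("modem-lobby", "ST9A.01.05"),
    ("modem-floor2", "st9a.01.06 "),
    ("modem-lab", "ST9A.01.09"),
    ("modem-office", "ST9A.01.12"),
    ("modem-annex", "ST9A.02.01"),
    ("modem-spare", "STAB.01.02"),
    ("modem-old", "unknown"),
]

if __name__ == "__main__":
    for status, names in report(SAMPLE).items():
        print(f"{status}: {', '.join(names)}")
```

Devices in the "unknown" group run a different firmware branch or report a string the parser does not recognise, so they need a manual check rather than being treated as safe.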