Vulnerability identifier: #VU46657
Vulnerability risk: Low
CVSSv3.1: 2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-942
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
eWON Flexy
Hardware solutions /
Routers & switches, VoIP, GSM, etc
eWON Cosy
Hardware solutions /
Routers & switches, VoIP, GSM, etc
Vendor: HMS Networks
Description
The vulnerability allows a local user to bypass the CORS protection mechanism.
The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A local administrator can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and retrieve limited confidential information through sniffing.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
eWON Flexy: All versions
eWON Cosy: All versions
External links
http://ics-cert.us-cert.gov/advisories/icsa-20-254-03
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.