
CERT Coordination Center

Virtual Access GW6110A router privilege escalation vulnerability

Vulnerability Note VU#213046

Original Release Date: 2014-03-25 | Last Revised: 2014-03-25

Overview

Virtual Access GW6110A routers contain a privilege escalation vulnerability which could allow an authenticated user to escalate their privileges.

Description

CWE-472: External Control of Assumed-Immutable Web Parameter

Virtual Access GW6110A routers contain a privilege escalation vulnerability which could allow an authenticated user to escalate their privileges by modifying a JavaScript variable that the web interface uses to check the user's access level.
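The following is an added illustration of the CWE-472 pattern behind this note, not code from the Virtual Access firmware: a request handler that trusts a browser-supplied access-level value beside one that derives the role from the server's own session record. All names (the session store, `accessLevel`, `sid`) are hypothetical.

```javascript
// Illustration of CWE-472 (added example, not Virtual Access code): the server
// must take the caller's privilege from its own session record, never from a
// value that client-side JavaScript sends back. All names are hypothetical.
'use strict';

// Constructed server-side session store: session id -> authenticated identity.
const SESSIONS = {
  'sess-operator': { user: 'operator', role: 'user' },
  'sess-root':     { user: 'admin',    role: 'admin' },
};

// Vulnerable pattern: the access decision rests on a flag that originated in
// browser-side script and is echoed back in the request parameters.
function handleAdminRequestVulnerable(req) {
  if (req.params.accessLevel === 'admin') {
    return { status: 200, body: 'admin page' };
  }
  return { status: 403, body: 'forbidden' };
}

// Hardened pattern: only the role bound to the session cookie at login time
// is consulted. A client claim that exceeds that role is ignored for the
// decision and surfaced in an audit field so it can be logged and alerted on.
function handleAdminRequestHardened(req) {
  const session = SESSIONS[req.cookies.sid];
  if (!session) {
    return { status: 401, body: 'unauthenticated', audit: null };
  }
  const claimed = req.params.accessLevel;
  const audit = claimed !== undefined && claimed !== session.role
    ? `user ${session.user} (role ${session.role}) claimed ${claimed}`
    : null;
  if (session.role !== 'admin') {
    return { status: 403, body: 'forbidden', audit };
  }
  return { status: 200, body: 'admin page', audit };
}

// Constructed request from an ordinary user whose browser-side variable has
// been altered to claim admin rights.
const tamperedRequest = {
  cookies: { sid: 'sess-operator' },
  params: { accessLevel: 'admin' },
};

console.log('vulnerable:', handleAdminRequestVulnerable(tamperedRequest));
console.log('hardened:  ', handleAdminRequestHardened(tamperedRequest));
```

The `audit` value gives a defender a concrete detection signal: an authenticated user whose request claims a higher level than the session holds is exactly the tampering this note describes.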

Impact

An authenticated user could escalate their privileges on the router, allowing them access to administration features.

Solution

Update

The vendor has released an update to address this vulnerability. Affected users are advised to upgrade to one of the following versions.

Users of software branch 9.00 are advised to update to version 9.09.27 or later.
Users of software branch 9.50 are advised to update to version 9.50.21 or later.
Users of software branch 10.00 are advised to update to version 10.00.21 or later.

Restrict access

As a general good security practice, only allow connections from trusted hosts and networks.

Vendor Information


Virtual Access Affected

Notified: January 29, 2014 | Updated: March 18, 2014

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.


CVSS Metrics

Group          Score  Vector
Base           2.3    AV:A/AC:M/Au:S/C:P/I:N/A:N
Temporal       1.8    E:U/RL:U/RC:UC
Environmental  0.7    CDP:L/TD:L/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to James Premo for reporting this vulnerability.

This document was written by Michael Orlando.

Other Information

CVE IDs: CVE-2014-0343
Date Public: 2014-03-25
Date First Published: 2014-03-25
Date Last Updated: 2014-03-25 13:48 UTC
Document Revision: 13

Sponsored by CISA.