CBN CH6640E/CG6640E Wireless Gateway Series Multiple Vulnerabilities

Medium
Advisory ID
ZSL-2014-5203
Release Date
25 October 2014
Vendor
Compal Broadband Networks (CBN), Inc. - http://www.icbn.com.tw
Affected Version
Model: CH6640 and CH6640E, Hardware version: 1.0, Firmware version: CH6640-3.5.11.7-NOSH, Boot version: PSPU-Boot(BBU) 1.0.19.25m1-CBN01, DOCSIS mode: DOCSIS 3.0
Tested On
Compal Broadband Networks, Inc/Linux/2.6.39.3 UPnP/1.1 MiniUPnPd/1.7
Summary

The CBN CH6640E/CG6640E Wireless Gateway is designed for your home, home office, or small business/enterprise. It can be used in households with one or more computers capable of wireless connectivity for remote access to the wireless gateway.

Description

The CBN modem gateway suffers from multiple vulnerabilities including authorization bypass information disclosure, stored XSS, CSRF and denial of service.

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
25.10.2014 - Initial release
28.10.2014 - Added reference [1], [2], [3], [4], [5], [6], [7], [8], [9], [10], [11] and [12]
30.10.2014 - Added reference [13] and [14]
07.11.2014 - Added reference [15], [16], [17], [18], [19], [20], [21], [22], [23] and [24]