← Advisories

Sielco Radio Link 2.06 Cross-Site Request Forgery (Add Admin)

High
Advisory ID
ZSL-2023-5761
Release Date
30 March 2023
Vendor
Sielco S.r.l - https://www.sielco.org
Affected Version
2.06 (RTX19), 2.05 (RTX19), 2.00 (EXC19), 1.60 (RTX19), 1.59 (RTX19), 1.55 (EXC19)
CVE
CVE-2023-45317
Tested On
lwIP/2.1.1, Web/2.9.3
Summary

Sielco develops and produces radio links for all transmission and reception needs, thanks to innovative units and excellent performances, accompanied by a high reliability and low consumption.

Description

The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

Proof of Concept
sielco_rl_csrf.htmlTXT
Disclosure Timeline
26.01.2023Vulnerability discovered.
27.01.2023Contact with the vendor and CSIRT Italia.
29.03.2023No response from the vendor.
29.03.2023No response from the CSIRT team.
30.03.2023Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]https://packetstormsecurity.com/files/171846/
[2]https://www.cisa.gov/news-events/ics-advisories/icsa-23-299-08
[3]https://exchange.xforce.ibmcloud.com/vulnerabilities/253071
[4]https://exchange.xforce.ibmcloud.com/vulnerabilities/269707
[5]https://nvd.nist.gov/vuln/detail/CVE-2023-45317
[6]https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-45317
Changelog
30.03.2023Initial release
03.11.2023Added reference [1], [2], [3], [4], [5] and [6]