VAR-200909-0057
Vulnerability from variot - Updated: 2025-04-10 21:58Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for requests that disable Wi-Fi encryption via certain values for the wlChannel and wlRadioEnable parameters. Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnerability. An attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible.
A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.
The vulnerability is caused due to the device allowing users to perform certain actions via HTTP requests, without checking the validity of the request or proper authentication of the user sending the request. This can be exploited by malicious people to e.g. disable the encryption of the wireless network by tricking a user into visiting a malicious site.
SOLUTION: Visit trusted sites only. Use a firewall to restrict access to the affected device.
PROVIDED AND/OR DISCOVERED BY: WarGame/DoomRiderz
ORIGINAL ADVISORY: http://vx.netlux.org/wargamevx/
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200909-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "gate2 plus wi-fi",
"scope": null,
"trust": 1.4,
"vendor": "alice",
"version": null
},
{
"model": "gate2 plus wi-fi",
"scope": "eq",
"trust": 1.0,
"vendor": "alice",
"version": "*"
},
{
"model": "gate2 plus wi-fi",
"scope": "eq",
"trust": 0.3,
"vendor": "alice it",
"version": "0"
}
],
"sources": [
{
"db": "BID",
"id": "27374"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/h:alice:gate2_plus_wi-fi",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "WarGame/DoomRiderz is credited with the discovery of this vulnerability.",
"sources": [
{
"db": "BID",
"id": "27374"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
}
],
"trust": 0.9
},
"cve": "CVE-2008-7165",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CVE-2008-7165",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-7165",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2008-7165",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200909-067",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site request forgery in cp06_wifi_m_nocifr.cgi in the administrator panel in TELECOM ITALIA Alice Gate2 Plus Wi-Fi allows remote attackers to hijack the authentication of administrators for requests that disable Wi-Fi encryption via certain values for the wlChannel and wlRadioEnable parameters. Alice Gate2 Plus Wi-Fi routers are prone to a cross-site request-forgery vulnerability. \nAn attacker can exploit this issue to alter administrative configuration on affected devices. Specifically, altering the wireless encryption settings on devices has been demonstrated. Other attacks may also be possible. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nThe vulnerability is caused due to the device allowing users to\nperform certain actions via HTTP requests, without checking the\nvalidity of the request or proper authentication of the user sending\nthe request. This can be exploited by malicious people to e.g. \ndisable the encryption of the wireless network by tricking a user\ninto visiting a malicious site. \n\nSOLUTION:\nVisit trusted sites only. Use a firewall to restrict access to the\naffected device. \n\nPROVIDED AND/OR DISCOVERED BY:\nWarGame/DoomRiderz\n\nORIGINAL ADVISORY:\nhttp://vx.netlux.org/wargamevx/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-7165"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "BID",
"id": "27374"
},
{
"db": "PACKETSTORM",
"id": "63055"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2008-7165",
"trust": 2.8
},
{
"db": "BID",
"id": "27374",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "28618",
"trust": 1.7
},
{
"db": "OSVDB",
"id": "40739",
"trust": 1.6
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140",
"trust": 0.8
},
{
"db": "XF",
"id": "2",
"trust": 0.6
},
{
"db": "XF",
"id": "39831",
"trust": 0.6
},
{
"db": "BUGTRAQ",
"id": "20080121 FLAW IN ALICE GATE2 PLUSWIFI ADSL MODEM",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067",
"trust": 0.6
},
{
"db": "OTHER",
"id": "NONE",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "63055",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "BID",
"id": "27374"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "PACKETSTORM",
"id": "63055"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"id": "VAR-200909-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "OTHER",
"id": null
}
],
"trust": 0.01
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"network device"
],
"sub_category": "router",
"trust": 0.1
}
],
"sources": [
{
"db": "OTHER",
"id": null
}
]
},
"last_update_date": "2025-04-10T21:58:35.020000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Alice Gate2 Plus Wi-Fi",
"trust": 0.8,
"url": "http://assistenzatecnica.telecomitalia.it/at/portals/assistenzatecnica.portal?_nfpb=true\u0026_pageLabel=GuideBook\u0026nodeId=/AT_REPOSITORY/20005"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-352",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/27374"
},
{
"trust": 1.6,
"url": "http://secunia.com/advisories/28618"
},
{
"trust": 1.6,
"url": "http://osvdb.org/40739"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/archive/1/486733/100/200/threaded"
},
{
"trust": 1.0,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39831"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-7165"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-7165"
},
{
"trust": 0.6,
"url": "http://xforce.iss.net/xforce/xfdb/39831"
},
{
"trust": 0.6,
"url": "http://www.securityfocus.com/archive/1/archive/1/486733/100/200/threaded"
},
{
"trust": 0.3,
"url": "http://aiuto.alice.it/informazioni/modemadsl/alice_gate2adv.html"
},
{
"trust": 0.3,
"url": "/archive/1/486733"
},
{
"trust": 0.1,
"url": "https://ieeexplore.ieee.org/abstract/document/10769424"
},
{
"trust": 0.1,
"url": "http://vx.netlux.org/wargamevx/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/?page=changelog"
},
{
"trust": 0.1,
"url": "https://psi.secunia.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/17350/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/advisories/28618/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "OTHER",
"id": null
},
{
"db": "BID",
"id": "27374"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "PACKETSTORM",
"id": "63055"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "OTHER",
"id": null
},
{
"db": "BID",
"id": "27374"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"db": "PACKETSTORM",
"id": "63055"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-01-21T00:00:00",
"db": "BID",
"id": "27374"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"date": "2008-01-29T00:00:58",
"db": "PACKETSTORM",
"id": "63055"
},
{
"date": "2009-09-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"date": "2009-09-04T10:30:01.860000",
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-05-07T17:33:00",
"db": "BID",
"id": "27374"
},
{
"date": "2012-06-26T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-003140"
},
{
"date": "2009-09-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200909-067"
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2008-7165"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Alice Gate2 Plus Wi-Fi Router Cross-Site Request Forgery Vulnerability",
"sources": [
{
"db": "BID",
"id": "27374"
},
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
}
],
"trust": 0.9
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "cross-site request forgery",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200909-067"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…