NVD Vulnerability Detail

CVE-2020-24034

Summary	Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, an attacker may alter the user value inside of this cookie, and assume the role and permissions of the user specified. By assuming the role of the user internal, which is inaccessible to end users by default, the attacker gains the permissions of the internal account, which includes the ability to flash custom firmware to the router, allowing the attacker to achieve a complete compromise.
Publication Date	Sept. 2, 2020, 3:15 a.m.
Registration Date	Jan. 26, 2021, 11:55 a.m.
Last Update	Nov. 21, 2024, 2:14 p.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:sagemcom:f\@st_5280_router_firmware:1.150.61:::::::*
execution environment
1	cpe:2.3:h:sagemcom:f\@st_5280_router:-:::::::*

Related information, measures and tools

No	URL	タグ
1	http://packetstormsecurity.com/files/159026/Sagemcom-F-ST-5280-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
2	http://packetstormsecurity.com/files/159026/Sagemcom-F-ST-5280-Privilege-Escalation.html	Exploit Third Party Advisory VDB Entry
3	http://seclists.org/fulldisclosure/2020/Sep/3	Mailing List Third Party Advisory
4	http://seclists.org/fulldisclosure/2020/Sep/3	Mailing List Third Party Advisory
5	https://seclists.org/fulldisclosure/2020/Sep/3	Mailing List Third Party Advisory
6	https://seclists.org/fulldisclosure/2020/Sep/3	Mailing List Third Party Advisory
7	https://support.sagemcom.com/fr/haut-debit	Vendor Advisory
8	https://support.sagemcom.com/fr/haut-debit	Vendor Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-502	信頼性のないデータのデシリアライゼーション	https://cwe.mitre.org/data/definitions/502.html

JVN Vulnerability Information

Sagemcom F@st 5280 ルータのファームウェアにおける信頼性のないデータのデシリアライゼーションに関する脆弱性

Title	Sagemcom F@st 5280 ルータのファームウェアにおける信頼性のないデータのデシリアライゼーションに関する脆弱性
Summary	Sagemcom F@st 5280 ルータのファームウェアには、信頼性のないデータのデシリアライゼーションに関する脆弱性が存在します。
Possible impacts	情報を取得される、情報を改ざんされる、およびサービス運用妨害 (DoS) 状態にされる可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	Aug. 31, 2020, midnight
Registration Date	Feb. 10, 2021, 4:26 p.m.
Last Update	Feb. 10, 2021, 4:26 p.m.

Affected System

Sagemcom

F@st 5280 ファームウェア 1.150.61

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2020-24034	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24034
National Vulnerability Database (NVD)
2	CVE-2020-24034	https://nvd.nist.gov/vuln/detail/CVE-2020-24034

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-502	https://cwe.mitre.org/data/definitions/502.html

ベンダー情報

No	Name	URL
Sagemcom
1	HAUT DEBIT	https://support.sagemcom.com/fr/haut-debit

その他

No	Name	URL
関連文書
1	Sagemcom router insecure deserialization > privilege escalation	https://seclists.org/fulldisclosure/2020/Sep/3

Change Log

No	Changed Details	Date of change
1	[2021年02月10日] 掲載	Feb. 10, 2021, 4:26 p.m.