Share: Email | Twitter

ID

VDE-2022-043

Published

2022-11-07 12:43 (CET)

Last update

2022-11-07 13:14 (CET)

Vendor(s)

Wiesemann & Theis GmbH

Product(s)

Article No┬░ Product Name Affected Version(s)
58666 AT-Modem-Emulator < 1.48
58665 Com-Server ++ < 1.48
58664 Com-Server 20mA < 1.48
58651 Com-Server Highspeed 100BaseFX < 1.76
58652 Com-Server Highspeed 100BaseLX < 1.76
58331 Com-Server Highspeed 19" 1Port < 1.76
58334 Com-Server Highspeed 19" 4Port < 1.76
58231 Com-Server Highspeed Compact < 1.76
58631 Com-Server Highspeed Industry < 1.76
58633 Com-Server Highspeed Isolated < 1.76
58431 Com-Server Highspeed OEM < 1.76
58031 Com-Server Highspeed Office 1 Port < 1.76
58034 Com-Server Highspeed Office 4 Port < 1.76
58641 Com-Server Highspeed PoE < 1.76
58661 Com-Server LC < 1.48
58662 Com-Server PoE 3 x Isolated < 1.48
58669 Com-Server UL < 1.48

Summary

Multiple Wiesemann & Theis product families are affected by multiple vulnerabilities in the web interface.

Vulnerabilities



Last Update
Dec. 13, 2022, 10:34 a.m.
Weakness
Small Space of Random Values (CWE-334)
Summary

Multiple W&T products of the Comserver Series use a small number space for allocating sessions ids. After login of an user an unathenticated remote attacker can brute force the users session id and get access to the his account on the the device.

Last Update
Dec. 13, 2022, 10:34 a.m.
Weakness
Missing Authentication for Critical Function (CWE-306)
Summary
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.
Last Update
Dec. 13, 2022, 10:34 a.m.
Weakness
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (CWE-79)
Summary

Multiple W&T Products of the ComServer Series are prone to an XSS attack. An authenticated remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into the title of the configuration webpage.

Impact

See CVEs for further details.

Solution

• Update Com-Server Family to version 1.48 or higher.

• Update the Com-Server Highspeed Family to version 1.76 or higher.

Reported by

CERT@VDE coordinated with Wiesemann & Theis GmbH