Werk #9526: Fix denial of service against webconf
| Component | Firmware |
| Title | Fix denial of service against webconf |
| Date | Apr 18, 2023 |
| Level | Trivial Change |
| Class | Bug Fix |
| Compatibility | Compatible - no manual interaction needed |
| Appliance Version | 1.6.5 |
Prior to this Werk an attacker was able to cause blocking IO in webconf rendering it unresponsive. (Denial of Service)
This vulnerability was identified through a commissioned penetration test conducted by OPTIMAbit (Roman Mueller).
Mitigations: In case updateing is not possible, one can limit access to Webconf to trusted IPs e.g. within Apache.
Indicators of Compromise: After a malicious/faulty request webconf will not be accessible for about 5 minutes. After these 5 minutes one can find messages containing [Errno 32] Broken pipe in /var/log/syslog.
Vulnerability Management: We have rated the issue with a CVSS Score of 7.5 (High) with the following CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. We assigned CVE-2023-22318 to this vulnerability.