P5 FNIP-8x16A and FNIP-4xSH Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability has been identified in P5 FNIP-8x16A version 1.0.20 and FNIP-4xSH version 1.0.11. This vulnerability allows attackers to perform administrative actions without user consent. By tricking authenticated users into loading a specially crafted form, attackers can add new admin users, change passwords, and modify system configurations.

Impact

Exploitation of this vulnerability allows for unauthorized administrative actions, including adding admin users, changing passwords, and modifying system configurations. Additionally, according to IBM X-Force, this vulnerability could be exploited to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.

Reproduction

To reproduce this vulnerability, an authenticated user must be persuaded to visit a malicious website that hosts a crafted form. This form can be designed to exploit the CSRF vulnerability by sending a request to the 'user.cgi' script with the necessary parameters to add an admin user or change a password. The cross-site scripting aspect can be reproduced by injecting script code into label fields via a form submission, which will then be executed in the context of the user's session on the affected site.
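One way to blunt the forged request described above is to verify the source origin of every request for 'user.cgi' at a reverse proxy or filter in front of the device. The following is an added example, not code from the advisory or the vendor; the origin `fnip.example.local`, the placement in front of the device, and the function names are assumptions.

```python
from urllib.parse import urlsplit

# Assumption: origin at which administrators reach the device UI (constructed placeholder).
TRUSTED_ORIGINS = {("http", "fnip.example.local", 80)}
DEFAULT_PORTS = {"http": 80, "https": 443}
PROTECTED_SCRIPTS = {"user.cgi"}  # script named in the advisory


def origin_tuple(value):
    """Normalise an Origin or Referer value to (scheme, host, port); None if unusable."""
    if not value or value.strip().lower() == "null":
        return None
    try:
        parts = urlsplit(value.strip())
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower(), port)


def is_cross_site(path, headers):
    """True if a request for a protected script does not come from a trusted origin."""
    script = urlsplit(path).path.rsplit("/", 1)[-1]
    if script not in PROTECTED_SCRIPTS:
        return False
    hdrs = {k.lower(): v for k, v in headers.items()}
    # Prefer Origin when the browser sent it; fall back to Referer only when it is absent.
    source = hdrs["origin"] if "origin" in hdrs else hdrs.get("referer")
    # Exact tuple comparison: substring matching would accept look-alike hosts.
    # A missing, "null" or unparsable source fails closed.
    return origin_tuple(source) not in TRUSTED_ORIGINS
```

Because the check fails closed, a typed or bookmarked URL for 'user.cgi', which carries neither header, is rejected as well.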

Added: Jan 6, 2026, 4:55 PM
Updated: Jan 6, 2026, 4:55 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 1.7
exploitability: 7.7
remediation: 0.0
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.