P5 FNIP-8x16A
- 1.0.20
A cross-site request forgery (CSRF) vulnerability has been identified in P5 FNIP-8x16A version 1.0.20 and FNIP-4xSH version 1.0.11. The vulnerability allows attackers to perform administrative actions without user interaction: by crafting a malicious web page and tricking an authenticated user into loading it, an attacker can add new admin users, change passwords, and modify system configurations.
Successful exploitation results in unauthorized administrative actions such as adding admin users, changing passwords, and modifying system configurations. According to the P5 advisory, the vulnerability could also be combined with cross-site scripting (XSS) attacks.
To reproduce this vulnerability, an authenticated user must be persuaded to visit a malicious website. The malicious page then causes the user's browser to send a crafted HTTP request to the user.cgi script, which performs actions such as adding an admin user or changing an admin password. The request carries the necessary parameters, such as username, password, and user role.
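A detection check for the request pattern described above, as an added example that is not part of the original advisory or P5's code: it scans access logs for requests to user.cgi whose Referer is missing or points to another site. The device hostname, the Combined Log Format reverse proxy in front of the device, and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: hostname(s) under which the device's own web UI is served.
DEVICE_HOSTS = {"fnip.example.internal"}

# Combined Log Format from a reverse proxy in front of the device (assumption).
LOG_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

def classify(line):
    """Return a reason string for a suspicious user.cgi request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    if not urlsplit(m["target"]).path.lower().endswith("/user.cgi"):
        return None  # only the account-management script is of interest
    referer = m["referer"]
    if referer in ("", "-"):
        return "no-referer"  # scripted client or stripped header: review manually
    ref_host = (urlsplit(referer).hostname or "").lower()
    if ref_host not in DEVICE_HOSTS:
        return "cross-site:" + ref_host  # request was triggered from another site
    return None

def scan(lines):
    """Return (line_number, reason) for every flagged log line."""
    hits = []
    for n, line in enumerate(lines, 1):
        reason = classify(line)
        if reason:
            hits.append((n, reason))
    return hits

# Constructed sample log lines, not taken from a real device.
SAMPLE_LOG = [
    '10.0.0.5 - - [12/Mar/2024:09:14:02 +0000] "GET /index.htm HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [12/Mar/2024:09:15:10 +0000] "POST /user.cgi HTTP/1.1" 200 128 "http://fnip.example.internal/users.htm" "Mozilla/5.0"',
    '10.0.0.5 - - [12/Mar/2024:09:21:44 +0000] "POST /user.cgi HTTP/1.1" 200 128 "https://attacker.example/promo.html" "Mozilla/5.0"',
    '10.0.0.9 - - [12/Mar/2024:09:30:00 +0000] "POST /user.cgi HTTP/1.1" 200 128 "-" "curl/8.0"',
]

if __name__ == "__main__":
    for n, reason in scan(SAMPLE_LOG):
        print(f"line {n}: {reason}")
```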