KuWFi 4G LTE AC900 Router Cross-Site Request Forgery Vulnerability

Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the KuWFi 4G LTE AC900 router, specifically in version 1.0.13. This vulnerability resides in the web management interface, where an attacker can manipulate an authenticated admin user into executing unauthorized actions. Such actions may include exploiting a command injection vulnerability in the 'formMultiApnSetting' endpoint, potentially leading to unauthorized changes in router configuration.

Impact

Exploitation of this vulnerability could allow command injection, which could in turn be used to enable unauthorized services such as Telnet or to make critical configuration changes on the router.

Reproduction

To reproduce this vulnerability, an attacker must trick an authenticated admin user into visiting a malicious webpage that contains an auto-submitted form. This form can be designed to send a POST request to the 'formMultiApnSetting' endpoint with a payload that exploits the command injection vulnerability, such as inserting a command to enable Telnet services.
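
Detection logic for the request described above, added here as an example (not code from this advisory or from the vendor): it flags POSTs to 'formMultiApnSetting' that arrive from a different origin than the router, or that carry shell metacharacters in a form field. The router address, path prefix, field name apn_name and all sample values are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "formMultiApnSetting"   # endpoint named in the advisory
SHELL_META = set(";|&`$\n")        # characters a shell treats specially

def host_of(url):
    """Host[:port] of an Origin/Referer value, or '' if it has none."""
    return urlsplit(url).netloc.lower() if url else ""

def classify(req):
    """Return findings for one captured HTTP request (a dict)."""
    if req["method"] != "POST" or ENDPOINT not in req["path"]:
        return []
    findings = []
    hdrs = req["headers"]
    # Browsers attach Origin to cross-site form POSTs; Referer is the fallback.
    source = host_of(hdrs.get("Origin") or hdrs.get("Referer"))
    if not source:
        findings.append("no-origin")        # same-origin cannot be shown
    elif source != hdrs.get("Host", "").lower():
        findings.append("cross-origin")     # CSRF signal
    for name, value in parse_qsl(req["body"], keep_blank_values=True):
        if SHELL_META & set(value):
            findings.append("shell-meta:" + name)   # injection signal
    return findings

# Constructed sample traffic: address, path prefix, field name and values
# are made up for this example and do not come from the device.
ROUTER = "192.168.0.1"
SAMPLES = [
    {"method": "POST", "path": "/" + ENDPOINT,
     "headers": {"Host": ROUTER, "Origin": "http://" + ROUTER},
     "body": "apn_name=internet"},
    {"method": "POST", "path": "/" + ENDPOINT,
     "headers": {"Host": ROUTER, "Origin": "http://lure.example"},
     "body": "apn_name=internet%3BPLACEHOLDER"},
    {"method": "POST", "path": "/" + ENDPOINT,
     "headers": {"Host": ROUTER}, "body": "apn_name=internet"},
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req["headers"].get("Origin", "-"), classify(req))
```

The same two checks, applied in front of the management interface (for example on a filtering proxy), reject the forged request instead of only reporting it.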

Added: Aug 14, 2025, 3:22 PM
Updated: Aug 14, 2025, 4:55 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 6.7
remediation: 0.0
relevance: 0.4
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.