关联漏洞
标题:
Advantech多款产品 安全漏洞
(CVE-2025-48461)
描述:Advantech WISE-4060LAN是中国台湾研华(Advantech)公司的一个工业自动化控制器。 Advantech多款产品存在安全漏洞,该漏洞源于会话cookie可预测导致暴力破解和账户接管。以下产品受到影响:WISE-4010LAN、WISE-4050LAN和WISE-4060LAN。
介绍
# CVE-2025-48461
Predictable session cookies that can be bruteforced to gain unauthorized access to Advantech WISE portal
# Summary
During examination of Advantech WISE-4060 web portal, I have discovered that the session cookies used to authenticate to the web portal follows the pattern ```60D01EXXXXX```. This allows any unauthorized attacker to generate all possible permutations of all the session cookies and carry out a bruteforce attack against the portal to find a valid session cookie used to authenticate to the web portal.
This vulnerability was discovered during SPIRICYBER-24 IoT/ OT Hackathon organized by CSA(Cybersecurity Agency of Singapore)
# Impact
Any unauthorized user is able to authenticate as an admin user and modify settings/firmware for Advantech WISE-4060
# References
https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-061/
https://www.cve.org/CVERecord?id=CVE-2025-48461
# Timeline
- 2024-08-10: Report submitted to SpiritCyber IoT Hackathon triage team
- 2024-08-20: Report accepted by triage team
- 2025-06-17: CSA SingCert assigns CVE-2025-48461
- 2025-06-24: Public disclosure
文件快照
[4.0K] /data/pocs/e4d5b79487361acd2423bd8635480c4eff77801e
└── [1.1K] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。