CVE-2008-1262

The administration panel on the Airspan WiMax ProST 4.1 antenna with 6.5.38.0 software does not verify authentication credentials, which allows remote attackers to (1) upload malformed firmware or (2) bind the antenna to a different WiMAX base station via unspecified requests to forms under process_adv/.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name	Vendor	Start Version	End Version
Wimax_prost	Airspan	4.1 (including)	4.1 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/114.html
https://cwe.mitre.org/data/definitions/115.html
https://cwe.mitre.org/data/definitions/151.html
https://cwe.mitre.org/data/definitions/194.html
https://cwe.mitre.org/data/definitions/22.html
https://cwe.mitre.org/data/definitions/57.html
https://cwe.mitre.org/data/definitions/593.html
https://cwe.mitre.org/data/definitions/633.html
https://cwe.mitre.org/data/definitions/650.html
https://cwe.mitre.org/data/definitions/94.html

References

http://airspan4wimax.googlepages.com/
http://secunia.com/advisories/29265
http://www.0x000000.com/?i=524
http://www.gnucitizen.org/projects/router-hacking-challenge/
http://www.kb.cert.org/vuls/id/248372
http://www.securityfocus.com/archive/1/489009/100/0/threaded
http://www.securityfocus.com/bid/28122
http://www.sharemethods.net/nepal/servlet/open?keeppath=false\u0026aid=29820
http://www.vupen.com/english/advisories/2008/0802/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41052

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1262
CWE	https://cwe.mitre.org/data/definitions/287.html

Improper Authentication

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References