CVE-2010-4275 in Radius Manager

Summary

by MITRE

Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticated administrators to inject arbitrary web script or HTML via the (1) name or (2) descr parameter in an (a) update_usergroup or a (b) store_nas action to admin.php.

Analysis

by VulDB Data Team • 11/12/2025

CVE-2010-4275 is a critical cross-site scripting flaw in Radius Manager version 3.8.0 that specifically targets authenticated administrative users. It falls under CWE-79, improper neutralization of input during web page generation, commonly known as cross-site scripting. The flaw exists in the administrative interface of Radius Manager, which is widely used for managing network access control and user authentication services in enterprise environments.

The technical implementation of this vulnerability occurs through two distinct parameter injection points within the administrative PHP script. Attackers with valid administrative credentials can exploit the vulnerability by manipulating the name or descr parameters during specific administrative operations. These operations include the update_usergroup action and the store_nas action, both of which are processed through the admin.php endpoint. The vulnerability specifically affects the administrative interface where user groups and network access servers are configured, making it particularly dangerous for network security administrators who frequently use these functions.
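For defenders reviewing captured admin traffic, the following added example (not code from Radius Manager or from VulDB) flags admin.php requests for the two affected actions whose name or descr value contains HTML-significant characters, and shows the entity-encoded form that is safe to render. The "action" field name, the (path, body) record layout and the sample requests are assumptions constructed for illustration.

```python
import html
from urllib.parse import parse_qs

# Actions and parameters named in the CVE description.
AFFECTED_ACTIONS = {"update_usergroup", "store_nas"}
AFFECTED_PARAMS = ("name", "descr")
# Characters that change meaning in HTML text or attribute context.
HTML_SIGNIFICANT = set("<>\"'&")
# Assumption: the action name travels in a form field called "action".
ACTION_FIELD = "action"

def audit_request(path, body):
    """Return (param, decoded_value, encoded_value) for each suspicious field."""
    if not path.split("?", 1)[0].endswith("/admin.php"):
        return []
    fields = parse_qs(body, keep_blank_values=True)  # also URL-decodes values
    if not AFFECTED_ACTIONS & set(fields.get(ACTION_FIELD, [])):
        return []
    findings = []
    for param in AFFECTED_PARAMS:
        for value in fields.get(param, []):
            if HTML_SIGNIFICANT & set(value):
                # html.escape(quote=True) is the encoding the page output needs.
                findings.append((param, value, html.escape(value, quote=True)))
    return findings

def audit_all(requests):
    """Audit a list of (path, body) records; prefix findings with the index."""
    report = []
    for index, (path, body) in enumerate(requests):
        for finding in audit_request(path, body):
            report.append((index, *finding))
    return report

# Constructed sample records (path, form-encoded body); not real traffic.
SAMPLE_REQUESTS = [
    ("/admin.php", "action=update_usergroup&name=Staff&descr=Office+users"),
    ("/admin.php", "action=store_nas&name=nas1"
                   "&descr=%3Cscript%3Ealert(1)%3C%2Fscript%3E"),
    ("/admin.php", "action=update_usergroup&name=%22%3E%3Cb%3Ex%3C%2Fb%3E&descr=ok"),
    ("/admin.php", "action=list_users&name=%3Cb%3E"),   # action not affected
    ("/user.php", "action=store_nas&name=%3Cb%3E"),     # different script
]

if __name__ == "__main__":
    for index, param, raw, encoded in audit_all(SAMPLE_REQUESTS):
        print(f"request {index}: {param}={raw!r} -> render as {encoded!r}")
```

A plain ampersand in a legitimate name is also flagged, so treat the output as a review list rather than a verdict.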

The operational impact of this vulnerability extends beyond simple script injection, as it enables attackers to execute malicious code within the context of the victim administrator's browser session. This creates a significant risk for network security management since administrators typically possess elevated privileges and access to sensitive network configuration data. The attack requires only authenticated access, which means that an attacker who has already compromised administrative credentials can leverage this vulnerability to perform session hijacking, steal administrative privileges, or redirect users to malicious sites. According to the MITRE ATT&CK framework, this vulnerability maps to the T1059.007 technique for command and scripting interpreter and the T1566.001 technique for spearphishing with a link, as it enables attackers to establish persistent access through compromised administrative sessions.

The exploitation of this vulnerability demonstrates a classic privilege escalation scenario where an attacker with administrative access can use the XSS flaw to maintain persistence within the network management system. This creates a dangerous situation where the attacker can monitor administrative activities, modify network configurations, or even redirect network traffic through the compromised Radius Manager interface. The vulnerability affects the core authentication and authorization functions of the system, potentially allowing attackers to manipulate user access rights, modify network access policies, or gain unauthorized access to network resources. Organizations using Radius Manager should consider this vulnerability as a critical threat to their network security infrastructure, particularly in environments where administrative access to network management systems is centralized and protected by administrative credentials rather than multi-factor authentication mechanisms.

Reservation: 11/17/2010

Disclosure: 12/21/2010

Moderation: accepted

Entry: VDB-55817

CPE: ready

Exploit: Download

EPSS: 0.01272

KEV: no

Activities: very low
