CVE-2023-47578 in RELY-PCIeinfo

Summary

by MITRE • 12/13/2023

Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 04/21/2025

The vulnerability identified as CVE-2023-47578 affects Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 network security devices, presenting a critical Cross Site Request Forgery flaw that compromises the integrity of the web-based management interface. This vulnerability stems from the complete absence of anti-CSRF protection mechanisms within the device's web administration portal, making it susceptible to unauthorized actions performed on behalf of authenticated users without their knowledge or consent.

The technical flaw manifests through the lack of CSRF tokens or other protective measures that would normally validate the authenticity of requests originating from the legitimate web interface. When an authenticated user visits a malicious website or clicks on a crafted link, the attacker can trigger unauthorized administrative actions such as changing network configurations, modifying user accounts, updating firmware settings, or altering security policies. The vulnerability operates at the application layer and specifically targets the web administration interface, which is typically used by network administrators to configure and manage device settings.

The operational impact of this CSRF vulnerability is severe as it allows remote attackers to perform administrative actions without requiring authentication credentials or exploiting other vulnerabilities. An attacker could potentially gain persistent control over network security devices, modify firewall rules, disable security features, or redirect network traffic to compromise the entire network infrastructure. The attack requires minimal sophistication and can be executed through simple web-based techniques, making it particularly dangerous in environments where these devices are exposed to untrusted networks or where administrators might inadvertently visit malicious websites.

This vulnerability maps directly to CWE-352, which specifically addresses Cross-Site Request Forgery weaknesses in web applications. From an ATT&CK framework perspective, this represents a technique that enables initial access and privilege escalation through the manipulation of authenticated sessions. The lack of CSRF protection in the device's web interface creates a persistent threat vector that can be exploited by attackers who have already gained access to the network or who can perform social engineering campaigns targeting administrators. Organizations using these devices face significant risk of unauthorized configuration changes, potential data breaches, and complete compromise of their network security posture.

Mitigation strategies should include immediate implementation of CSRF protection mechanisms such as anti-CSRF tokens, origin validation, and referer header checks within the web interface. Network administrators should also consider implementing additional security controls including network segmentation, restricted access to administrative interfaces, and mandatory use of secure protocols such as HTTPS with strong encryption. Regular firmware updates should be applied, and organizations should conduct thorough security assessments to identify other potential vulnerabilities in their network infrastructure. The most effective long-term solution involves ensuring that all web-based administrative interfaces implement robust CSRF protection mechanisms as recommended by OWASP and other security standards organizations.

Reservation

11/06/2023

Disclosure

12/13/2023

Moderation

accepted

CPE

ready

EPSS

0.00302

KEV

no

Activities

very low

Sources

Do you want to use VulDB in your project?

Use the official API to access entries easily!