* Red-Alert with hardware version 2.7.5, software version 3.1 build 24
Any unauthenticated user can remotely reboot the Red-Alert appliance through a malformed request to the web server. When a browser request is longer than approximately 1230 bytes, the appliance reboots. Consequently, all information is lost. Anything sent to the device's TCP port 80 longer than approx. 1230 bytes reboots it, whether it's a valid request or not. In order to test the vulnerability, issue the following request:
Probe Administration Authentication
The authentication of the probe administrator is bound to the user's IP address. If multiple users are behind NAT or a proxy, any of those users can access the administration GUI without restrictions once the administrator has authenticated successfully. The authentication does, in fact, expire after a few minutes of inactivity. However, since the events popup page auto-refreshes itself, the session will potentially never expire.
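The following is an added example, not code from the appliance or the vendor. It models the IP-bound session described above next to a hardened sketch that uses a per-client token, an idle timeout and an absolute lifetime. The class names, the timeout values and the `auto_refresh` flag (which assumes the server can tell the popup's refresh requests from user-driven ones) are assumptions.

```python
import secrets

IDLE_TIMEOUT = 300        # assumed value for "a few minutes" of inactivity
ABSOLUTE_LIFETIME = 3600  # assumed hard cap; not taken from the advisory


class IpBoundAuth:
    """Behaviour described in the advisory: the session is keyed by source IP."""
    def __init__(self):
        self.last_seen = {}  # source IP -> time of last request

    def login(self, src_ip, now):
        self.last_seen[src_ip] = now

    def is_authenticated(self, src_ip, now, auto_refresh=False):
        seen = self.last_seen.get(src_ip)
        if seen is None or now - seen > IDLE_TIMEOUT:
            return False
        self.last_seen[src_ip] = now  # every request, auto-refresh included, extends it
        return True


class TokenBoundAuth:
    """Hardened sketch: random per-client token, idle timeout, absolute lifetime."""
    def __init__(self):
        self.sessions = {}  # token -> (created, last user-driven activity)

    def login(self, now):
        token = secrets.token_urlsafe(32)
        self.sessions[token] = (now, now)
        return token

    def is_authenticated(self, token, now, auto_refresh=False):
        entry = self.sessions.get(token)
        if entry is None:
            return False
        created, active = entry
        if now - active > IDLE_TIMEOUT or now - created > ABSOLUTE_LIFETIME:
            del self.sessions[token]
            return False
        if not auto_refresh:  # only user-driven requests count as activity
            self.sessions[token] = (created, now)
        return True


if __name__ == "__main__":
    shared = IpBoundAuth()
    shared.login("203.0.113.7", now=0)  # admin behind NAT (constructed address)
    print(shared.is_authenticated("203.0.113.7", now=10))  # any other NAT user: True
```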
Incorrect Identification Of Wireless Network With SSID Containing Multiple Spaces
If there are wireless networks detected by the probe with an SSID containing multiple space (0x20) characters, the probe fails to correctly identify them. For example, if a network has the SSID " ", the probe will detect it as " " (single space character). Any sequence of multiple space characters in any substring of the SSID is represented as one single space character, which causes identification to fail.
The vendor has released a new firmware version.