CVE-2010-4507

iSpot and ClearSpot Firmware 2.0.0.0 - Cross-Site Request Forgery via Multiple CGI Endpoints

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4507. PoCs published by Trustwave's SpiderLabs.

AI-analyzed exploit summary This advisory details CSRF vulnerabilities in Clear iSpot/ClearSpot 4G devices, allowing arbitrary command execution via crafted HTTP requests. It includes examples of adding users, removing passwords, enabling remote access, and downloading files.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the ClearSpot 2.0.0.0 R1512 and R1786, with firmware 1.9.9.4 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary commands via the cmd parameter in an act_cmd_result action to webmain.cgi, (2) enable remote management via an enable_remote_access act_network_set action to webmain.cgi, (3) enable the TELNET service via an ENABLE_TELNET act_set_wimax_etc_config action to webmain.cgi, (4) enable TELNET sessions via a certain act_network_set action to webmain.cgi, or (5) read arbitrary files via the FILE_PATH parameter in an act_file_download action to upgrademain.cgi.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Trustwave's SpiderLabs · textwebappshardware

https://www.exploit-db.com/exploits/15728

View Code ZIP pw:eip

This advisory details CSRF vulnerabilities in Clear iSpot/ClearSpot 4G devices, allowing arbitrary command execution via crafted HTTP requests. It includes examples of adding users, removing passwords, enabling remote access, and downloading files.

Classification

Writeup 100%

Attack Type

Other

Complexity

Trivial

Reliability

Reliable

Target: Clear iSpot/ClearSpot 4G (versions 2.0.0.0 and earlier)

No auth needed

Prerequisites: Victim must visit a malicious link or page while authenticated to the device

MITRE ATT&CK

T1189 - Drive-by Compromise T1059 - Command and Scripting Interpreter

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/15728/

Exploit x_refsource_misc

https://www.trustwave.com/spiderlabs/advisories/TWSL2010-008.txt

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/42590

Scores

EPSS 0.0182

EPSS Percentile 75.9%

Details

CWE

CWE-352

Status published

Products (4)

clear/clearspot 2.0.0.0 r1512 (2 CPE variants)

clear/clearspot_firmware 1.9.9.4

clear/ispot 2.0.0.0 r1679

clear/ispot_firmware 1.9.9.4

Published Dec 30, 2010

Tracked Since Feb 18, 2026