CVE-2012-1921

Sitecom WLM-2501 - Cross-Site Request Forgery via pskValue Parameter

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2012-1921.

AI-analyzed exploit summary: This is a functional CSRF exploit targeting Sitecom WLM-2501 routers, allowing an attacker to change the wireless passphrase via a crafted HTML form submission. The exploit leverages the lack of CSRF protection in the router's web interface.

Description

Cross-site request forgery (CSRF) vulnerability in goform/admin/formWlEncrypt in Sitecom WLM-2501 allows remote attackers to hijack the authentication of administrators for requests that change the router passphrase via the pskValue parameter.

Exploits (2)

exploitdb WORKING POC
webapps · hardware
https://www.exploit-db.com/exploits/18597

This is a functional CSRF exploit targeting Sitecom WLM-2501 routers, allowing an attacker to change the wireless passphrase via a crafted HTML form submission. The exploit leverages the lack of CSRF protection in the router's web interface.

Classification: Working Poc 100%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Sitecom WLM-2501 Wireless Modem Router 300N
No auth needed
Prerequisites: Victim must be authenticated to the router's web interface · Attacker must trick the victim into visiting a malicious page
devstral-2 · analyzed Feb 19, 2026

exploitdb WORKING POC
webapps · asp
https://www.exploit-db.com/exploits/18651

This exploit demonstrates multiple CSRF vulnerabilities in the Sitecom WLM-2501 router's web interface, allowing an attacker to disable various security features via crafted HTML forms. The PoC includes functional HTML/JavaScript snippets that automatically submit malicious requests to the router's management interface.

Classification: Working Poc 100%
Attack Type: Other
Complexity: Trivial
Reliability: Reliable
Target: Sitecom WLM-2501 (and potentially other Sitecom WL series routers)
No auth needed
Prerequisites: Victim must be authenticated to the router's web interface · Attacker must trick victim into visiting a malicious page
devstral-2 · analyzed Feb 19, 2026

Scores

EPSS: 0.0096
EPSS Percentile: 56.7%

Details

CWE: CWE-352
Status: published
Products (1): sitecom/wlm-2501
Published: Aug 26, 2012
Tracked Since: Feb 18, 2026