CVE-2014-8654

Compal Broadband Networks CH6640E/CG6640E Wireless Gateway 1.0 - CSRF

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8654. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in CBN CH6640E/CG6640E Wireless Gateway, including authorization bypass via cookie manipulation, DoS via a specific GET request, stored XSS via cookie injection, and CSRF for various configuration changes. The PoC provides clear examples of exploit URLs and payloads.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Compal Broadband Networks (CBN) CH6640E and CG6640E Wireless Gateway hardware 1.0 with firmware CH6640-3.5.11.7-NOSH allow remote attackers to hijack the authentication of administrators for requests that (1) have unspecified impact on DDNS configuration via a request to basicDDNS.html, (2) change the wifi password via the psKey parameter to setWirelessSecurity.html, (3) add a static MAC address via the MacAddress parameter in an add_static action to setBasicDHCP1.html, or (4) enable or disable UPnP via the UPnP parameter in an apply action to setAdvancedOptions.html.

Exploits (1)

exploitdb WORKING POC
by LiquidWorm · textwebappshardware
https://www.exploit-db.com/exploits/35075

The exploit demonstrates multiple vulnerabilities in CBN CH6640E/CG6640E Wireless Gateway, including authorization bypass via cookie manipulation, DoS via a specific GET request, stored XSS via cookie injection, and CSRF for various configuration changes. The PoC provides clear examples of exploit URLs and payloads.

Classification
Working Poc 90%
Attack Type
Auth Bypass | Dos | Xss | Csrf | Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Compal Broadband Networks CH6640E/CG6640E Wireless Gateway (Firmware CH6640-3.5.11.7-NOSH)
No auth needed
Prerequisites: Network access to the target device · Ability to send HTTP requests to the device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70762
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98329
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/35075
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/113840
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/113843
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/113842
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/show/osvdb/113841

Scores

EPSS 0.0287
EPSS Percentile 85.0%

Details

CWE
CWE-352
Status published
Products (3)
compal_broadband_networks/cg6640e_wireless_gateway 1.0
compal_broadband_networks/ch664oe_wireless_gateway 1.0
compal_broadband_networks/firmware ch6640-3.5.11.7-nosh
Published Nov 06, 2014
Tracked Since Feb 18, 2026