CVE-2015-2805

Alcatel-Lucent OmniSwitch Firmware < 6.4.5.r02 - Cross-Site Request Forgery via User Creation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2805. PoCs published by RedTeam Pentesting.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Alcatel-Lucent OmniSwitch devices, allowing an attacker to create a new user with administrative privileges via a crafted HTML form. The PoC includes a form that submits a POST request to the switch's web interface, adding a user 'attacker' with a known password.

Description

Cross-site request forgery (CSRF) vulnerability in sec/content/sec_asa_users_local_db_add.html in the management web interface in Alcatel-Lucent OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855, 6900, 10K, and 6860 with firmware 6.4.5.R02, 6.4.6.R01, 6.6.4.R01, 6.6.5.R02, 7.3.2.R01, 7.3.3.R01, 7.3.4.R01, and 8.1.1.R01 allows remote attackers to hijack the authentication of administrators for requests that create users via a crafted request.

Exploits (1)

exploitdb WORKING POC
by RedTeam Pentesting · textwebappshardware
https://www.exploit-db.com/exploits/37261

This exploit demonstrates a CSRF vulnerability in Alcatel-Lucent OmniSwitch devices, allowing an attacker to create a new user with administrative privileges via a crafted HTML form. The PoC includes a form that submits a POST request to the switch's web interface, adding a user 'attacker' with a known password.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Alcatel-Lucent OmniSwitch (multiple models, AOS versions 6.4.5.R02 to 8.1.1.R01)
Auth required
Prerequisites: Victim must be authenticated to the switch's web interface · Attacker must know the IP address of the switch
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/535732/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1032544
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2015/Jun/23
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/75121
Exploit exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/37261/

Scores

EPSS 0.0305
EPSS Percentile 85.8%

Details

CWE
CWE-352
Status published
Products (1)
alcatel-lucent/omniswitch_firmware < 6.4.5.r02
Published Jun 16, 2015
Tracked Since Feb 18, 2026