CVE-2023-52235

CVSS 8.8 HIGH · EPSS 0.5% · CWE-350
In short

The SpaceX Starlink Wi-Fi router and dish contain a security flaw that allows attackers to trick your browser into sending unwanted commands (like reboot requests) to your device through DNS manipulation. This happens because the devices don't properly verify that requests actually come from legitimate sources.

Technical detail

The vulnerability stems from insufficient CSRF protection in the Starlink Gen 2 router and dish interfaces, which an attacker reaches by using DNS rebinding to get around the browser's same-origin policy. A malicious website, when visited by an authenticated user, can trigger unauthorized administrative actions such as device reboots without the user's consent. Affected versions: router before 2023.53.0 and dish before 07dd2798-ff15-4722-a9ee-de28928aed34.

Summary generated and translated by AI from the official description.
SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee-de28928aed34 allow CSRF (e.g., for a reboot) via a DNS Rebinding attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
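
The technical detail above describes DNS rebinding carrying a cross-site request past the same-origin policy. The following is an added example, not SpaceX code and not taken from the advisory, of a server-side check a local device interface can apply: reject any request whose Host header is not one of the device's own names, and any state-changing request with a foreign Origin. The allowed host names, the function names and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumed names/addresses the device answers to (constructed for illustration).
ALLOWED_HOSTS = {"192.168.1.1", "router.example.lan"}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _hostname(value):
    """Return the lowercase hostname from a Host header or Origin URL, or None."""
    if not value:
        return None
    # Host headers carry no scheme; prefix '//' so urlsplit parses host[:port].
    target = value if "://" in value else "//" + value
    try:
        host = urlsplit(target).hostname
    except ValueError:  # e.g. malformed IPv6 literal
        return None
    return host.rstrip(".") if host else None


def check_request(method, headers):
    """Return (allowed, reason). Header names are assumed already normalised."""
    # After rebinding, the browser still sends the attacker's hostname in Host,
    # even though the name now resolves to the device's address.
    host = _hostname(headers.get("Host"))
    if host not in ALLOWED_HOSTS:
        return False, "host-not-allowed"
    # Plain CSRF: the Host is correct but the request originates from another site.
    if method.upper() in STATE_CHANGING:
        origin = headers.get("Origin")
        if origin is not None and _hostname(origin) not in ALLOWED_HOSTS:
            return False, "cross-origin-write"
    return True, "ok"


# Constructed sample requests (not captured traffic).
SAMPLES = [
    ("POST", {"Host": "192.168.1.1", "Origin": "http://192.168.1.1"}),
    ("POST", {"Host": "rebind.attacker.example", "Origin": "http://rebind.attacker.example"}),
    ("POST", {"Host": "192.168.1.1", "Origin": "https://other.example"}),
    ("GET", {"Host": "ROUTER.example.lan.:80"}),
]

if __name__ == "__main__":
    for method, headers in SAMPLES:
        print(method, headers, "->", check_request(method, headers))
```
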
