Security advisory - CVE-2019-9231

Cross-Site Request Forgery in AudioCodes Mediant family

Affected Products


AudioCodes Mediant family of multi-service business routers (MSBRs) offers service providers a range of all-in-one SOHO, SMB and SME routers combining access, data, voice and security into a single device.[1]
During our research we found a DoS(CVE-2019-9228), a XXS(CVE-2019-9230) and CSRF(CVE-2019-9231) vulnerability. Although we could gain access to quagga VTYs(CVE-2019-9229).



A Cross-Site Request Forgery (CSRF) vulnerability in the management web interface allows remote attackers to execute malicious and unauthorized actions, because CSRF Protection is not activated by default and the option is not documented in the user manual or security guidelines.

Affected Versions

F7.20A to F7.20A.202.307 and any Version shipped with version before F7.20A.202.307. The CSRF protection was implemented in version 7.20A.202.307 but is not activated by default. The option is not documented in the Mediant 500L user manual or security guidelines. Devices shipped with version F7.20A.202.307 and later have the option enabled by default. The option is not activated in an update.


Update to F7.20A.202.307 or higher and activate the CSRF protection. The option could be enabled only by the upload of a ini file with the parameter CSRFProtection=1

Disclosure Timeline

2019/02/14 vendor contacted
2019/02/14 initial vendor response
2019/02/14 vendor informs about start of review process
2019/02/15 vendor requests further details
2019/02/15 further details provided
2019/02/18 vendor informs about detail analysis
2019/02/19 vendor confirmation, planned fixes and roadmap provided
2019/03/01 CVEs assigned
2019/06/28 vendor informs that planned fixes are published