3 matches found
CVE-2014-4155
Cross-site request forgery CSRF vulnerability in the ZTE ZXV10 W300 router with firmware W300V1.0.0aZRDLK allows remote attackers to hijack the authentication of administrators for requests that change the admin password via a request to Forms/toolsadmin1...
CVE-2014-4155
CVE-2014-4155 affects the ZTE WXV10 W300 router (firmware W300V1.0.0a_ZRD_LK). It is a CSRF flaw in the admin interface (Forms/tools_admin_1) allowing remote attackers to hijack administrator authentication and change the admin password. Root cause: CSRF in admin form handling. Exploitation detai...
ZTE WXV10 W300 Disclosure / CSRF / Default
Exploit Title: ZTE WXV10 W300 Multiple Vulnerabilities Date: 17-05-2014 Server Version: RomPager/4.07 UPnP/1.0 Tested Routers: ZTE ZXV10 W300 Firmware: W300V1.0.0aZRDLK ADSL Firmware: FwVer:3.11.2.175TC3086 HwVer:T14.F75.0 Tested on: Kali Linux x8664 Exploit Author: Osanda Malith Jayathissa...