# -----------------------------------------------------------#
WBR-3406 Wireless Broadband NAT Router Web-Console Password Change Bypass & CSRF Vulnerability
# This PoC code should do two main things:# 1. Cross Site Request Forgery (For more information, just google it).
# 2. This code change to new password without know the current password.
# The vulnerability work in a way that if we remove the "PA=" parameter which is the current password
# the application ignore that and change the password without even entering the old / current password.
# Bug discovered by Pr0T3cT10n AKA Yakir Wizman,
# Vendor site - http://www.level1.com/
# ISRAEL# -----------------------------------------------------------
# Author will be not responsible for any damage.# -----------------------------------------------------------
# PoC EXPLOIT
# -----------------------------------------------------------
# -----------------------------------------------------------
0 comments:
Post a Comment