# Exploit Title: Router ONO Hitron CDE-30364 - CSRF Vulnerability # Date: 14-9-2013 # Exploit Author: Matias Mingorance Svensson - matias.ms[at]owasp.org # Vendor Homepage: http://www.ono.es/clientes/te-ayudamos/dudas/internet/equipos/hitron/hitron-cde-30364/ # Tested on: Hitron Technologies CDE-30364 # Version HW: 1A # Version SW: 3.1.0.8-ONO ----------------------------------------------------------------------------------------- Introduction: ----------------------------------------------------------------------------------------- Hitron Technologies CDE-30364 is a famous ONO Router using, also, a web management interface in order to set and change device parameters. The Hitron Technologies CDE-30364's web interface (listening on tcp/ip port 80) is prone to CSRF vulnerabilities which allows to change router parameters and to perform many modifications to the router's parameters. The default ip adress of this adsl router, used for management purpose, is 192.168.1.1. ----------------------------------------------------------------------------------------- Exploit-1: Enable/Disable Web Site Blocking and add new Key Word/URL blocking(google in this case) -----------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------- Exploit-2: Enable/Disable Intrusion Detection System -----------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------- Exploit-3: Disable(None) Wireless Security Mode -----------------------------------------------------------------------------------------

----------------------------------------------------------------------------------------- Many other changes can be performed. -- Un saludo, Mat´┐Żas Mingorance Svensson *OWASP Foundation, Open Web Application Security Project* https://www.owasp.org http://es.linkedin.com/in/matiasms