# Exploit Title: Ubee EVW3200 - Multiple Cross Site Request Forgery # Google Dork: N/A # Date: 02-03-2014 # Exploit Author: Jeroen - IT Nerdbox # Vendor Homepage: http://www.ubeeinteractive.com/ # Software Link: http://www.ubeeinteractive.com/products/cable?field_product_catetory_tid=20 # Version: All # Tested on: N/A # CVE : N/A # ## Description: # # The Ubee ECV3200 does not use Anti CSRF tokens in any of its forms. # ## PoC: # #
# #
# # # # #
The payload has been executed....
# # # # More information can be found at: http://www.nerdbox.it/ubee-evw3200-multiple-vulnerabilities/