AOH :: HP Unsorted F :: VA1403.HTM

FtitzBox



FtitzBox
FtitzBox



######################################
# Exploitation: Remote with browser
# Exploit: Available
# Impact: Medium
# Fix: N/A
######################################


####################
- Description:
####################
Via XSRF change settings in FritzBox.


####################
- Vulnerability:
####################
XSRF vulnerability, when you use the FritzBox without passwort login


####################
- example Exploit for Portforwarding:
####################


action="http://www.fritz.box/cgi-bin/webcm" method="POST" name="form">
(this is only a example code for portforwarding for other things they are other variables!!!) #################### - Solution: #################### Use FritzBox only with passwort thx to skskilL & NBBN

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.