CSRF | CiscoZine

Entries Tagged ‘CSRF’

How to test Cisco Cross-Site Request Forgery

Sep.18, 2008 in Exploit Leave a Comment

Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit. Replace “10.10.10.1″ with the IP address of the target router, embed this in a web page and hope for the best. This is only for test use.

Tags: CSRF, Exploit

Cisco Cross-Site Request Forgery

Sep.18, 2008 in Security Advisory Leave a Comment

Cisco routers with the HTTP administration interface enabled are vulnerable to an CSRF (Cross-Site Request Forgery) vulnerability that can yield remote command execution with level 15 privileges.
An attacker can execute ANY command on the router with level 15 (root, same as enable) privileges (usually level 15 user by default) by getting a target user (administrator [...]

Tags: CSRF

Categories
- Exploit (2)
- New products (6)
- Security Advisory (7)
- Stories (20)
- Tutorial (19)
Meta

Popular Posts
Tags
ACS Advanced configuration ASA Basic configuration Business CBG CCIE CCX Certifications Cisco Consumer Business Group Cisco Virtual Office Ciscozine Competition Configuration register CSRF DHCP operation DHCP server DOS EAP Exploit GTAP Hidden commands High Availability HSRP Internet IPv6 Jabber Linksys Monitor Physical Security PIX Privilege levels Remote Control SDM Secure a router SNMP TelePresence Tips Undocumented Cisco commands Video Webcast WebEx WebEx exploit WebEx Meeting Manager Wifi
Archives
- January 2009 (2)
- December 2008 (11)
- November 2008 (8)
- October 2008 (12)
- September 2008 (21)
Links
Add to...

Entries Tagged ‘CSRF’

How to test Cisco Cross-Site Request Forgery

Cisco Cross-Site Request Forgery

Categories

Meta

Popular Posts

Tags

Archives

Links

Add to...