TUCoPS :: HP Unsorted F :: va1403.htm

FtitzBox
FtitzBox
FtitzBox


######################################
# Exploitation: Remote with browser
# Exploit: Available
# Impact: Medium
# Fix: N/A
######################################


####################
- Description:
####################
Via XSRF change settings in FritzBox.


####################
- Vulnerability:
####################
XSRF vulnerability, when you use the FritzBox without passwort login


####################
- example Exploit for Portforwarding:
####################



action="http://www.fritz.box/cgi-bin/webcm" method="POST" name="form"> 






















(this is only a example code for portforwarding for other things they are other variables!!!)

####################
- Solution:
####################
Use FritzBox only with passwort



thx to skskilL & NBBN

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH