CVE-2010-0713

Zenoss < 2.5 - Cross-Site Request Forgery via Admin Password Reset and Command Change

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-0713. PoCs published by Adam Baldwin.

AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in Zenoss that allows an attacker to execute arbitrary commands via a crafted URL. The PoC includes a reverse shell payload using netcat, targeting the 'userCommands' feature.

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss 2.3.3, and other versions before 2.5, allow remote attackers to hijack the authentication of an administrator for (1) requests that reset user passwords via zport/dmd/ZenUsers/admin, and (2) requests that change user commands, which allows for remote execution of system commands via zport/dmd/userCommands/.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Adam Baldwin · textremotemultiple

https://www.exploit-db.com/exploits/33536

View Code ZIP pw:eip

This exploit demonstrates a CSRF vulnerability in Zenoss that allows an attacker to execute arbitrary commands via a crafted URL. The PoC includes a reverse shell payload using netcat, targeting the 'userCommands' feature.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Zenoss 2.3.3 and prior versions

No auth needed

Prerequisites: Victim must be authenticated and tricked into visiting the malicious URL

MITRE ATT&CK