CVE-2012-5320
Sagem F@ST 2604 - Cross-Site Request Forgery via sysPassword Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-5320. PoCs published by KinG Of PiraTeS.
AI-analyzed exploit summary This exploit demonstrates a CSRF vulnerability in the Sagem F@ST 2604 router, allowing an attacker to change the admin password by tricking a logged-in user into visiting a malicious HTML page. The exploit submits a form to the router's password.cgi endpoint with a new password.
Description
Cross-site request forgery (CSRF) vulnerability in password.cgi in Sagem F@ST 2604 253180972B allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via the sysPassword parameter.
Exploits (1)
This exploit demonstrates a CSRF vulnerability in the Sagem F@ST 2604 router, allowing an attacker to change the admin password by tricking a logged-in user into visiting a malicious HTML page. The exploit submits a form to the router's password.cgi endpoint with a new password.