CVE-2013-6976

Cisco EPC3925 - Cross-Site Request Forgery via Quick Setup Password Change

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2013-6976. PoCs published by Jeroen - IT Nerdbox.

AI-analyzed exploit summary This exploit demonstrates a persistent Cross-Site Scripting (XSS) vulnerability in Cisco EPC3925 via the DdnsHostName parameter. The payload bypasses client-side input validation and executes arbitrary JavaScript when triggered.

Description

Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.

Exploits (2)

exploitdb WORKING POC
by Jeroen - IT Nerdbox · textwebappshardware
https://www.exploit-db.com/exploits/30415

This exploit demonstrates a persistent Cross-Site Scripting (XSS) vulnerability in Cisco EPC3925 via the DdnsHostName parameter. The payload bypasses client-side input validation and executes arbitrary JavaScript when triggered.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Cisco EPC3925 (epc3925-E10-5-v302r125572-130520c)
Auth required
Prerequisites: Access to the admin interface · Valid credentials for authentication
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC
by Jeroen - IT Nerdbox · textwebappshardware
https://www.exploit-db.com/exploits/30362

This exploit demonstrates a CSRF vulnerability in Cisco EPC3925, allowing an attacker to change the admin password without authentication by submitting a crafted POST request to the Quick_setup endpoint.

Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target: Cisco EPC3925 (epc3925-E10-5-v302r125572-130520c)
No auth needed
Prerequisites: Victim must visit a malicious webpage while logged into the router's admin interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/64341
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/124449/Cisco-EPC3925-Cross-Site-Request-Forgery.html
Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/30362/
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/101097

Scores

EPSS 0.0365
EPSS Percentile 88.2%

Details

CWE
CWE-352
Status published
Products (1)
cisco/epc3925
Published Dec 19, 2013
Tracked Since Feb 18, 2026