Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on September 11th, 2020 📆 | 2654 Views ⚑

0

Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery ≈ Packet Storm

Scopia XT Desktop 8.3.915.4 Cross Site Request Forgery
Posted Sep 9, 2020
Authored by V1n1v131r4

Scopia XT Desktop version 8.3.915.4 suffers from a cross site request forgery vulnerability.

tags | exploit, csrf
MD5 | 2f67835c85249d7446fe17222121f0a8
# Exploit Title: Scopia XT Desktop 8.3.915.4 - Cross-Site Request Forgery (change admin password)
# Google Dork: inurl:scopia+index.jsp
# Date: 2020-09-09
# Exploit Author: v1n1v131r4
# Vendor Homepage: https://avaya.com
# Software Link: https://support.avaya.com/downloads/download-details.action?contentId=C201772012204170_4&productId=P1605
# Version: 8.3.915.4
# Tested on: Windows 10 Pro
# CVE : N/A
# PoC: https://github.com/V1n1v131r4/Exploit-CSRF-on-SCOPIA-XT-Desktop-version-8.3.915.4

# CSRF to change admin password
# The admin password will be changed to "attacker"

< !DOCTYPE html>













Source link

Tagged with:



Leave a Reply

Your email address will not be published. Required fields are marked *


loading...