← back
CVE-2013-6976

CVE-2013-6976

EPSS 3.7%
Cross-site request forgery (CSRF) vulnerability in goform/Quick_setup on Cisco EPC3925 devices allows remote attackers to hijack the authentication of administrators for requests that change a password via the Password and PasswordReEnter parameters, aka Bug ID CSCuh37496.
Affected products
n/a · n/a
public PoCs found4
cve_referencepacketstormsecurity.com/files/124449/Cisco-EPC3925-Cross-Site-Request-Forgery.htmlunverifiedcve_referencewww.exploit-db.com/exploits/30362/unverifiedexploitdbwww.exploit-db.com/exploits/30362unverifiedexploitdbwww.exploit-db.com/exploits/30415unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://osvdb.org/101097http://packetstormsecurity.com/files/124449/Cisco-EPC3925-Cross-Site-Request-Forgery.htmlhttp://www.exploit-db.com/exploits/30362/http://www.nerdbox.it/cisco-epc3925-csrf-vulnerability/http://www.securityfocus.com/bid/64341