Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-4845 PoC — 多款I-O DATA DEVICE产品跨站请求伪造漏洞

Source
https://github.com/kaito834/cve-2016-4845_csrf
Associated Vulnerability
Title:多款I-O DATA DEVICE产品跨站请求伪造漏洞 (CVE-2016-4845)
Description:Cross-site request forgery (CSRF) vulnerability on I-O DATA DEVICE HVL-A2.0, HVL-A3.0, HVL-A4.0, HVL-AT1.0S, HVL-AT2.0, HVL-AT3.0, HVL-AT4.0, HVL-AT2.0A, HVL-AT3.0A, and HVL-AT4.0A devices with firmware before 2.04 allows remote attackers to hijack the authentication of arbitrary users for requests that delete content.
Description
Proof of concept for CSRF vulnerability(CVE-2016-4825) on IO-DATA Recording Hard Disc Drive
Readme
# cve-2016-4845_csrf
Proof of concept for CSRF vulnerability(CVE-2016-4825) on IO-DATA Recording Hard Disc Drive.

# License
These codes are released under the MIT License. Please see LICENSE.txt.
File Snapshot

 [4.0K]  /data/pocs/e5a1ee4df1cdc1aa1ef97c1ba9cd464e706dafd3
├── [ 381]  cve-2016-4845_csrf-delete-formElement_poc.html
├── [5.5K]  cve-2016-4845_csrf-delete-withWebRTC_poc.html
├── [ 387]  cve-2016-4845_csrf-delete-XMLHttpRequest_poc.html
├── [ 83K]  HVL-A2.0_csrf-delete-withWebRTC_poc_chrome-result.png
├── [ 82K]  HVL-A2.0_csrf-delete-withWebRTC_poc_FF-result.png
├── [1.0K]  LICENSE
└── [ 197]  README.md

0 directories, 7 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →