TP-Link TL-WR740N - Cross-Site Scripting

EDB-ID:

43148

CVE:

N/A


Author:

bl00dy

Type:

webapps


Platform:

Hardware

Date:

2017-11-16


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: XSS Vuln - TP-LINK TL-WR740N
# Date: 15/11/2017
# Exploit Author: bl00dy
# Vendor Homepage: http://www.tp-link.com <http://www.tp-link.com.br/>
# Version: TP-LINK TL-WR740N - 3.17.0 Build 140520 Rel.75075n
# Tested on: Windows 8.1

Cross-site scripting (XSS) in TP-LINK TL-WR740N

______________________________________________________

Proof of Concept:

1. Go to your wireless router ip (ex. 192.168.0.1)

2. Go to Wireless and -Wireless MAC Filtering- tab

3. Click Add new button

5.Write random MAC Address and in -Description- write (<h1>XSS by
bl00dy</h1>)

6.Click save and you will see XSS in Wireless MAC Filtering tab
______________________________________________________