TP-Link TL-WR740N – Cross-Site Scripting

Exploit Database
36 阅读

作者： bl00dy

日期： 2017-11-16
类别：
- webapps
平台：
- hardware
来源：https://www.exploit-db.com/exploits/43148/

# Exploit Title: XSS Vuln - TP-LINK TL-WR740N
# Date: 15/11/2017
# Exploit Author: bl00dy
# Vendor Homepage: http://www.tp-link.com <http://www.tp-link.com.br/>
# Version: TP-LINK TL-WR740N - 3.17.0 Build 140520 Rel.75075n
# Tested on: Windows 8.1

Cross-site scripting (XSS) in TP-LINK TL-WR740N

______________________________________________________

Proof of Concept:

1. Go to your wireless router ip (ex. 192.168.0.1)

2. Go to Wireless and -Wireless MAC Filtering- tab

3. Click Add new button

5.Write random MAC Address and in -Description- write (<h1>XSS by
bl00dy</h1>)

6.Click save and you will see XSS in Wireless MAC Filtering tab
______________________________________________________

last Exploits
TP-Link TL-WR740N – Cross-Site Scripting的更多信息

MyBB Moderator Log Notes Plugin 1.1 – Cross-Site Scripting：
Huawei E5330 21.210.09.00.158 – Cross-Site Request Forgery (Send SMS)：
Ovidentia 8.4.3 – Cross-Site Scripting：
WordPress Plugin Add From Server < 3.3.2 - Cross-Site Request Forgery (Arbitrary File Upload)：
Simple Task List 1.0 – ‘status’ SQLi：
PEEL Premium 5.71 – SQL Injection：
pL-PHP 0.9 – ‘index.php’ Cross-Site Scripting：
Log1 CMS 2.0 – Multiple Vulnerabilities：