Genexis Platinum-4410 P4410-V2-1.31A – ‘start_addr’ Persistent Cross-Site Scripting

• Exploit Database
• 13 阅读

• 作者： Jithin KS
  日期： 2021-03-25
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/49709/

• # Exploit Title: Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting
  # Date: 03/25/2020
  # Exploit Author: Jithin KS
  # Vendor Homepage: https://www.gxgroup.eu/ont-products/
  # Version: Platinum-4410 Software version - P4410-V2-1.31A
  # Tested on: Windows 10
  # Author Contact: hhttps://twitter.com/jithinks_8<https://twitter.com/amalmohandas0>
  
  Vulnerability Details
  ======================
  Genexis Platinum-4410 Home Gateway Unit is vulnerable to stored XSS in the "start_addr" parameter. This could allow attackers to perform malicious action in which the XSS popup will affect all privileged users.
  
  How to reproduce
  ===================
  1. Login to the firmware as any user
  2. Navigate to Manage tab--> Security Management
  3. Enter any valid value in Start Source Address and fill all other fields. Click Add.
  4. Capture this request in Burp Suite. Enter payload <script>alert(1)</script> in "start_addr" text box and forward the request.
  5. Relogin as any user and again navigate to Manage tab--> Security Management
  6. Observe the XSS popup showing persistent XSS