Tenda AC5 AC1200 Wireless – ‘WiFi Name & Password’ Stored Cross Site Scripting

• Exploit Database
• 15 阅读

• 作者： Chiragh Arora
  日期： 2021-01-26
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/49478/

• # Exploit Title: Tenda AC5 AC1200 Wireless - 'WiFi Name & Password' Stored Cross Site Scripting
  # Exploit Author: Chiragh Arora
  # Hardware Model: Tenda AC5 AC1200
  # Firmware version: V15.03.06.47_multi
  # Tested on: Kali Linux
  # CVE ID: CVE-2021-3186
  # Date: 25.01.2021
  
  ##########################################################################
  
  Steps to Reproduce -
  
   - Navigate to the Tenda AC1200 gateway with 192.168.0.1 
   - Follow up to the WiFi Settings and click the “WiFi Name & Password” option there.
   - Manipulate the WiFi Name with "<script>alert(1)</script>"
   - Click the “Save” button & as the page refresh, you’ll got an alert stating “1” within it.
   
  Note: It doesn’t matter which Network Name parameter (2.4 GHz or 5 GHz) you’re manipulating, you’ll encounter the popup over in both of them.