41 lines
No EOL
954 B
Text
41 lines
No EOL
954 B
Text
# Exploit Title: Stored XSS Vulnerability in NETGEAR DGN2200 Web interface
|
|
|
|
# Date 30/04/2014
|
|
|
|
# Exploit author: Dolev Farhi @f1nhack
|
|
|
|
# Vendor homepage: http://netgear.com
|
|
|
|
# Affected Firmware version: 1.0.0.29_1.7.29_HotS
|
|
|
|
# Affected Hardware: NETGEAR DGN2200 Wireless ADSL Router
|
|
|
|
|
|
|
|
|
|
Summary
|
|
=======
|
|
NETGEAR DGN2200 ADSL router web interface suffers from persistent XSS vulnerability in the QoS(Quality of Service) Administration page under 'Expert Mode'.
|
|
|
|
|
|
|
|
Vulnerability Description
|
|
=========================
|
|
Persistent Cross Site Scripting
|
|
|
|
|
|
|
|
Steps to reproduce / PoC:
|
|
=========================
|
|
1. Login to the router web interface
|
|
|
|
2. Enter expert mode
|
|
|
|
3. navigate to QoS page
|
|
|
|
4. Add QoS Rule, or Edit an existing one.
|
|
|
|
5. in "QoS Policy for: " Enter the following: <script>alert("XSS")</script> and click apply.
|
|
|
|
6. go to another page and navigate back into QoS - the XSS error pops up.
|
|
- PoC Video: https://www.youtube.com/watch?v=xxjluF2RR70 |