bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/44219.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

22 lines
No EOL
867 B
Text
Raw Permalink Blame History

########################################################################
# Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting
# Date: 11.02.2018
# Vendor Homepage: http://www.dlink.co.in
# Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M
# Category: Hardware
# Exploit Author: Prasenjit Kanti Paul
# Web: http://hack2rule.wordpress.com/
# Hardware Version: C1
# Firmware version: 3.01
# Tested on: Linux Mint
# CVE: CVE-2018-6936
##########################################################################
Reproduction Steps:
- Goto your wifi router gateway [i.e: http://192.168.0.1]
- Go to --> "Maintainence" --> "Admin"
- Create a user with name "<script>alert("PKP")</script>"
- Refresh the page and you will be having "PKP" popup
Note: It can also be done by changing SSID name to "<script>alert("PKP")</script>"
Reference in a new issue View git blame Copy permalink