bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/49708.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

23 lines
No EOL
1,015 B
Text
Raw Permalink Blame History

# Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting
# Date: 3/24/21
# Exploit Author: MiningOmerta
# Vendor Homepage: https://www.linksys.com/
# Version: EA7500 Firmware Version: 2.0.8.194281
# CVE: CVE-2012-6708
# Tested On: Linksys EA7500 (jQuery version 1.7.1)
# Cross-Site Scripting Vulnerability on modern versions of Linksys Smart-Wifi home routers.
# Caused by outdated jQuery(strInput) version : <= 1.7.1 (Fixed in version 1.9.0)
# Credit also to Reddit user michael1026
###
POC
###
1. When logging into the router (http://LHOST or http://LHOST:10080), choose "Click Here"
next to "Dont Have an Account? " or Choose "click here" after "To login with your Linksys Smart Wi-Fi account",
you will be redirected with a login prompt with both Email Address and Password forms.
2. Make your email address "<img src=0 onerror=alert(XSS)>" without the double quotes.
3. Payload will be triggered when mouse is clicked anywhere within the Email Address form box or when form is submitted.
Reference in a new issue View git blame Copy permalink