81ae91fdae
14 changes to exploits/shellcodes/ghdb Electrolink FM/DAB/TV Transmitter - Unauthenticated Remote DoS Electrolink FM/DAB/TV Transmitter (controlloLogin.js) - Credentials Disclosure Electrolink FM/DAB/TV Transmitter (Login Cookie) - Authentication Bypass Electrolink FM/DAB/TV Transmitter (login.htm/mail.htm) - Credentials Disclosure Electrolink FM/DAB/TV Transmitter - Pre-Auth MPFS Image Remote Code Execution Electrolink FM/DAB/TV Transmitter - Remote Authentication Removal TP-LINK TL-WR740N - Multiple HTML Injection TP-Link TL-WR740N - UnAuthenticated Directory Transversal Juniper-SRX-Firewalls&EX-switches - (PreAuth-RCE) (PoC) mooSocial 3.1.8 - Cross-Site Scripting (XSS) on User Login Page PCMan FTP Server 2.0 - 'pwd' Remote Buffer Overflow WebCatalog 48.4 - Arbitrary Protocol Execution
18 lines
No EOL
544 B
Text
18 lines
No EOL
544 B
Text
# Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities
|
|
# Date: 25/9/2023
|
|
# Exploit Author: Shujaat Amin (ZEROXINN)
|
|
# Vendor Homepage: http://www.tp-link.com
|
|
# Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n
|
|
# Tested on: Windows 10
|
|
|
|
---------------------------POC-----------------------------
|
|
|
|
1) Go to your routers IP (192.168.0.1)
|
|
|
|
2) Go to Access control --> Target,rule
|
|
|
|
3) Click on add new
|
|
|
|
5) Type <h1>Hello<h1> in Target Description box
|
|
|
|
6) Click on Save, and now you can see html injection on the webpage |