ASUSWRT RT-AC53 ( - Cross-Site Scripting

ID EDB-ID:41571
Type exploitdb
Reporter Exploit-DB
Modified 2017-03-08T00:00:00


ASUSWRT RT-AC53 ( - Cross-Site Scripting. CVE-2017-6547. Webapps exploit for Hardware platform

                                            Cross-Site Scripting (XSS)

Component: httpd

CVE: CVE-2017-6547


httpd checks in the function handle_request if the requested file name is longer than 50 chars. It then responds with a redirection which allows an attacker to inject arbitrary JavaScript code into the router’s web interface context.


if(strlen(file) > 50 &&!(strstr(file, "findasus")) && !(strstr(file, "acme-challenge")))
    char inviteCode[256];
    snprintf(inviteCode, sizeof(inviteCode), "<script>location.href='/cloud_sync.asp?flag=%s';</script>", file);
    send_page( 200, "OK", (char*) 0, inviteCode, 0);