Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Asus RT-N10 Plus Cross Site Scripting

🗓️ 30 Jan 2015 00:00:00Reported by Kaustubh G. PadwadType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 21 Views

Reflected XSS vulnarbility in Asus RT-N10 Plus router, firmware 2.1.1.70, requires authenticatio

Code
`#####################################  
Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router  
Author: Kaustubh G. Padwad  
Product: ASUS Router RT-N10 Plus  
Firmware: 2.1.1.1.70  
Severity: Medium  
Auth: Requierd  
  
# Description:   
Vulnerable Parameter: flag=  
# Vulnerability Class:  
Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS))  
  
# About Vulnerability: Asus Router RT-N10 Plus with firmware 2.1.1.70 is vulnarable for crosss site scripting attack,this may cause a huge network compemise.  
  
#Technical Details: The value of the flag request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload initial78846%27%3balert("Hacked_BY_S3curity_B3ast")%2f%2f372137b5d was submitted in the flag parameter. This input was echoed unmodified in the application's response.  
  
  
#Steps to Reproduce: (POC):  
After setting up router  
Enter this URL   
1.http://ip-of-router/result_of_get_changed_status.asp?current_page=&sid_list=LANGUAGE%3B&action_mode=+App  
ly+&preferred_lang=&flag=initial78846%27%3balert(1337)%2f%2f372137b5d  
  
2. this will ask for creadintial once creatintial enterd it will be successfull XSS  
  
# Disclosure:   
8-jan-2015 Repoerted to ASUS   
9-jan-2015 Asus confirm that they reported to concern department  
15-jan-2015 Ask for update from asus asus says reported to HQ  
28-jan-2015 Ask asus about reporting security foucus No reply from ASUS  
29-jan-2015 security focus bugtraq  
  
  
#credits:  
Kaustubh Padwad  
Information Security Researcher  
[email protected]  
https://twitter.com/s3curityb3ast  
http://breakthesec.com  
https://www.linkedin.com/in/kaustubhpadwad  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
30 Jan 2015 00:00Current
7.4High risk
Vulners AI Score7.4
asus rt-n10 pluscross site scriptingfirmware 2.1.1.70network compromiseauthentication requiredkaustubh g. padwadsecurity researcher
21