D-Link DIR-600M Wireless Cross Site Scripting

`########################################################################  
# Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting  
# Date: 11.02.2018  
# Vendor Homepage: http://www.dlink.co.in  
# Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M  
# Category: Hardware  
# Exploit Author: Prasenjit Kanti Paul  
# Web: http://hack2rule.wordpress.com/  
# Hardware Version: C1  
# Firmware version: 3.01  
# Tested on: Linux Mint  
# CVE: CVE-2018-6936  
##########################################################################  
  
Reproduction Steps:  
  
- Goto your wifi router gateway [i.e: http://192.168.0.1]  
- Go to --> "Maintainence" --> "Admin"  
- Create a user with name "<script>alert("PKP")</script>"  
- Refresh the page and you will be having "PKP" popup  
  
Note: It can also be done by changing SSID name to "<script>alert("PKP")</script>"  
  
`