Lucene search
Sandip DeyPACKETSTORM:149240HistorySep 05, 2018 - 12:00 a.m.
Tenda ADSL Router D152 Cross Site Scripting
2018-09-0500:00:00
Sandip Dey
packetstormsecurity.com
22
0.001 Low
EPSS
Percentile
44.6%
`# Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting
# Exploit Author: Sandip Dey
# Date: 2018-07-21
# Vendor Homepage: http://www.tendacn.com
# Hardware Link: https://www.amazon.in/Tenda-D152-ADSL2-Modem-Router/dp/B00IM8CWTE/ref=sr_1_fkmr0_1?ie=UTF8&qid=1536170904&sr=8-1-fkmr0&keywords=Tenda+D152+ADSL+router
# Category: Hardware
# Tested on: Windows 8.1
# CVE: CVE-2018-14497
# Reproduction Steps:
Goto your Wifi Router Gateway [i.e: http://Target]
Go to --> "General Setup" --> "Wireless" --> "Basic Settings
Now change the SSID to <script>alert("Sandip")</script> and hit apply
Refresh the page, and you will get the "Sandip" pop-up
`
Related
cvelist
cvelist
CVE-2018-14497
2018-08-03 16:00:00
nvd
nvd
CVE-2018-14497
2018-08-04 01:29:03
exploitpack
exploitpack
Tenda ADSL Router D152 - Cross-Site Scripting
2018-09-05 00:00:00
prion
prion
Design/Logic Flaw
2018-08-04 01:29:00
zdt
zdt
Tenda ADSL Router D152 - Cross-Site Scripting Vulnerability
2018-09-06 00:00:00
cve
cve
CVE-2018-14497
2018-08-04 01:29:03
exploitdb
exploitdb
Tenda ADSL Router D152 - Cross-Site Scripting
2018-09-05 00:00:00