CVE-2023-30403

CVE-2023-30403 affects the Aigital Wireless-N Repeater Mini Router (v0.131229). The vulnerability stems from the time-based authentication mechanism, enabling an attacker to bypass login by connecting to the web app after a legitimate user's attempt. Public documents confirm the affected product/...

CVE-2023-30405

CVE-2023-30405 affects Aigital Wireless-N Repeater Mini_Router v0.131229. The vulnerability is a cross-site scripting (XSS) flaw allowing injection of arbitrary web scripts/HTML via the wl_ssid parameter at the /boafrm/formHomeWlanSetup endpoint. Root cause is improper handling/sanitization of us...

Aigital Wireless-N Repeater Mini_Router.0.131229 Cross Site Scripting Vulnerability

Exploit Title: Aigital Wireless-N Repeater - Stored Cross-Site Scripting Exploit Author: Matteo Mandolini Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 XSS Stored POST /boafrm/formHomeWlanSetup HTTP/1.1 Host: 192.168.10.253...

Aigital Wireless-N Repeater Mini_Router.0.131229 Cross Site Scripting

Exploit Title: Aigital Wireless-N Repeater - Stored Cross-Site Scripting Exploit Author: Matteo Mandolini Date : 13/04/2023 Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 XSS Stored POST /boafrm/formHomeWlanSetup HTTP/1.1 Host:...

CVE-2023-30404

CVE-2023-30404 affects Aigital Wireless-N Repeater Mini_Router v0.131229. The issue is a remote code execution (RCE) in the formSysCmd function, exploitable via the sysCmd parameter and a crafted HTTP request. Connected sources confirm the vulnerable component is the formSysCmd/sysCmd pathway, wi...