Lucene search
Prasenjit Kanti Paul1337DAY-ID-29917HistoryMar 02, 2018 - 12:00 a.m.
D-Link DIR-600M Wireless - Cross-Site Scripting Vulnerability
2018-03-0200:00:00
Prasenjit Kanti Paul
0day.today
17
0.001 Low
EPSS
Percentile
44.4%
Exploit for hardware platform in category web applications
########################################################################
# Exploit Title: D-Link DIR-600M Wireless - Persistent Cross Site Scripting
# Vendor Homepage: http://www.dlink.co.in
# Hardware Link: http://www.dlink.co.in/products/?pid=DIR-600M
# Category: Hardware
# Exploit Author: Prasenjit Kanti Paul
# Web: http://hack2rule.wordpress.com/
# Hardware Version: C1
# Firmware version: 3.01
# Tested on: Linux Mint
# CVE: CVE-2018-6936
##########################################################################
Reproduction Steps:
- Goto your wifi router gateway [i.e: http://192.168.0.1]
- Go to --> "Maintainence" --> "Admin"
- Create a user with name "<script>alert("PKP")</script>"
- Refresh the page and you will be having "PKP" popup
Note: It can also be done by changing SSID name to "<script>alert("PKP")</script>"
# 0day.today [2018-04-09] #Related
exploitpack
exploitpack
D-Link DIR-600M Wireless - Cross-Site Scripting
2018-03-02 00:00:00
prion
prion
Cross site scripting
2018-02-21 22:29:00
packetstorm
packetstorm
D-Link DIR-600M Wireless Cross Site Scripting
2018-03-02 00:00:00
cvelist
cvelist
CVE-2018-6936
2018-02-21 22:00:00
nvd
nvd
CVE-2018-6936
2018-02-21 22:29:00
cve
cve
CVE-2018-6936
2018-02-21 22:29:00
exploitdb
exploitdb
D-Link DIR-600M Wireless - Cross-Site Scripting
2018-03-02 00:00:00