zdt | Okan Coskun | 1337DAY-ID-33539
Nov 17, 2019 - 12:00 a.m.

TP-Link Archer VR300 1 Cross Site Scripting Vulnerability


Exploit for hardware platform in category web applications

I. VULNERABILITY
-------------------------
Stored XSS Vulnerability on TP-Link Archer VR300 v1 - firmware
version: 1.3.0 0.8.0 v007b.1 build 180905 Rel.55344n

II. CVE REFERENCE
-------------------------
-

III. VENDOR
-------------------------
https://www.tp-link.com/

IV. TIMELINE
-------------------------
04/10/2018 Vulnerability discovered
05/10/2018 Vendor contacted
No response

V. CREDIT
-------------------------
Okan Coşkun from Biznet Bilisim A.S.
Halil Arı from Biznet Bilisim A.S.

VI. DESCRIPTION
-------------------------
The TP-Link router interface is affected by a stored XSS vulnerability. A
remote attacker could steal a victim's cookie or redirect the victim to a
malicious site.

VII. PROOF OF CONCEPT
-------------------------
Affected Component: VPN Name
Path(inurl): /cgi?3
Affected parameter: connName

In the TP-Link router interface, adding a VPN configuration with a malicious
VPN Name could execute arbitrary JavaScript.
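
Added example (not part of the original advisory and not TP-Link code): the
stored-value rendering pattern behind this class of bug beside a hardened form
that validates connName on save and encodes it on output. All function names,
the allowlist policy and the sample records are assumptions made for illustration.

```javascript
// Hypothetical names throughout; nothing here is taken from the firmware.

// Assumed allowlist for a VPN connection name: letters, digits, space . _ -
const CONN_NAME_RE = /^[A-Za-z0-9 ._-]{1,32}$/;

// Input check applied when the VPN configuration is saved.
function validateConnName(name) {
  return typeof name === "string" && CONN_NAME_RE.test(name);
}

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Output encoding applied every time a stored value is placed into HTML.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored name is concatenated into markup unchanged.
function renderVpnRowUnsafe(conn) {
  return "<tr><td>" + conn.connName + "</td></tr>";
}

// Hardened pattern: encode at the point of output, so the page stays safe
// even if an older or imported configuration bypassed validation.
function renderVpnRow(conn) {
  return "<tr><td>" + escapeHtml(conn.connName) + "</td></tr>";
}

// Constructed sample records (not from the advisory).
const samples = [
  { connName: "Office VPN-1" },
  { connName: "site<script>1</script>" },
];

// Summarise how each record is treated by the check and both renderers.
function report(records) {
  return records.map((c) => ({
    accepted: validateConnName(c.connName),
    unsafe: renderVpnRowUnsafe(c),
    safe: renderVpnRow(c),
  }));
}

console.log(report(samples));
```

Validation and output encoding are applied together: validation rejects new
bad names, encoding covers values already in storage.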

#  0day.today [2019-12-04]  #