Tenda adsl router d152 crosssite scripting Vulnerability / Exploit

  /     /     /  

Exploits / Vulnerability Discovered : 2018-09-05 | Type : webapps | Platform : hardware
This exploit / vulnerability Tenda adsl router d152 crosssite scripting is for educational purposes only and if it is used you will do on your own risk!

[+] Code ...

# Exploit Title: Tenda D152 ADSL Router - Cross-Site Scripting
# Exploit Author: Sandip Dey
# Date: 2018-07-21
# Vendor Homepage: http://www.tendacn.com
# Hardware Link: https://www.amazon.in/Tenda-D152-ADSL2-Modem-Router/dp/B00IM8CWTE/ref=sr_1_fkmr0_1?ie=UTF8&qid=1536170904&sr=8-1-fkmr0&keywords=Tenda+D152+ADSL+router
# Category: Hardware
# Tested on: Windows 8.1
# CVE: CVE-2018-14497

# Reproduction Steps:

Goto your Wifi Router Gateway [i.e: http://Target]
Go to --> "General Setup" --> "Wireless" --> "Basic Settings
Now change the SSID to <script>alert("Sandip")</script> and hit apply
Refresh the page, and you will get the "Sandip" pop-up

Tenda adsl router d152 crosssite scripting


Last added Exploits Vulnerabilities

▸ soplanning 1.52.01 (simple online planning tool) - remote code execution (rce) (authenticated) ◂
Discovered: 2024-11-15
Type: webapps
Platform: php
▸ rengine 2.2.0 - command injection (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: multiple
▸ opensis 9.1 - sqli (authenticated) ◂
Discovered: 2024-10-01
Type: webapps
Platform: php



Tags:
Tenda adsl router d152 crosssite scripting Vulnerability / Exploit