Details of VAR-E-201711-0229

ID

VAR-E-201711-0229

EDB ID

43148

TITLE

TP-Link TL-WR740N - Cross-Site Scripting - Hardware webapps Exploit

Trust: 0.6

sources: EXPLOIT-DB: 43148

DESCRIPTION

TP-Link TL-WR740N - Cross-Site Scripting.. webapps exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 43148

AFFECTED PRODUCTS

vendor:

tp link

model:

tl-wr740n

scope:

version:

Trust: 1.6

sources: EXPLOIT-DB: 43148 // EDBNET: 95088

EXPLOIT

# Exploit Title: XSS Vuln - TP-LINK TL-WR740N
# Date: 15/11/2017
# Exploit Author: bl00dy
# Vendor Homepage: http://www.tp-link.com <http://www.tp-link.com.br/>
# Version: TP-LINK TL-WR740N - 3.17.0 Build 140520 Rel.75075n
# Tested on: Windows 8.1

Cross-site scripting (XSS) in TP-LINK TL-WR740N

______________________________________________________

Proof of Concept:

1. Go to your wireless router ip (ex. 192.168.0.1)

2. Go to Wireless and -Wireless MAC Filtering- tab

3. Click Add new button

5.Write random MAC Address and in -Description- write (<h1>XSS by
bl00dy</h1>)

6.Click save and you will see XSS in Wireless MAC Filtering tab
______________________________________________________

Trust: 1.0

sources: EXPLOIT-DB: 43148

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 43148

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 43148

TYPE

Cross-Site Scripting

Trust: 1.6

sources: EXPLOIT-DB: 43148 // EDBNET: 95088

CREDITS

bl00dy

Trust: 0.6

sources: EXPLOIT-DB: 43148

EXTERNAL IDS

db:	EXPLOIT-DB	id:	43148	Trust: 1.6
db:	EDBNET	id:	95088	Trust: 0.6

sources: EXPLOIT-DB: 43148 // EDBNET: 95088

REFERENCES

url:

https://www.exploit-db.com/exploits/43148/

Trust: 0.6

sources: EDBNET: 95088

SOURCES

db:	EXPLOIT-DB	id:	43148
db:	EDBNET	id:	95088

LAST UPDATE DATE

2022-07-27T10:00:37.218000+00:00

SOURCES RELEASE DATE

db:	EXPLOIT-DB	id:	43148	date:	2017-11-16T00:00:00
db:	EDBNET	id:	95088	date:	2017-11-16T00:00:00