Tenda AC6 AC1200 version 15.03.06.50_multi suffers from a persistent cross site scripting vulnerability.
36108434294fef421012baada6d3fdbb458dfe5e7a3ffeffb4f16f99ec2e2923# Exploit Title: Stored Cross-Site scripting in the Tenda router via the deviceId parameter in the Parental Control module
# Google Dork: None.
# Date: Aug-30-2022
# Exploit Author: 0x783
# Vendor Homepage: https://tendacn.com/default.html
# Software Link: https://www.tendacn.com/product/download/AC6.html
# Version: AC6 AC1200 Smart Dual-Band WiFi Router - V15.03.06.50_multi
# Tested on: Linux 5.15.0-58-generic
# CVE : CVE-2022-40010
-------------------------------------------------------------------------
# 1. Technical Description:
Tenda AC6 AC1200 Smart Dual-Band WiFi Router V15.03.06.50 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the deviceId parameter in the parental control section.
# Steps to reproduce:
1- Navigate to the router webserver usually at "http://192.168.0.1", or whatever the address of the router is.
2- Navigate to the parental control section from the side bar.
3- Add a new device to the list with any fake MAC address, device name, URL.
4- Intercept the request using burpsuite and change the "deviceId" parameter to any javascript code (EX: <script>alert(document.domain")</script>).
5- A pop-up with the domain should appear.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed