Intelbras ATA 200 with firmware version 74.19.10.21 suffers from a persistent cross site scripting vulnerability.
e356bd5406aa48762a1618d1a835ba31ee602d213580bd449699352c7cdfb239# Exploit Title: Intelbras ATA 200 Authenticated Stored XSS
# Date: 17/01/2022
# Exploit Author: Leonardo Goncalves
# Vendor Homepage: https://www.intelbras.com/pt-br/adaptador-ip-para-telefones-analogicos-ata-200
# Version: Firmware 74.19.10.21
1) Log in the equipment via your web browser
2) Go to Management > Syslog
3) In the "Field Server Address" inject the payload "-prompt("XSS")-"
4) Click Save
5) Exploit
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed