Cross site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web application. XSS differs from other web attack vectors (e.g., SQL injections), in that it does not directly target the application itself. Instead, the users of the web application are the ones at risk.
[Step To Reproduce]
Login to your router
After signing
Select for Maintance Mode
Go to Ping Diagnostic option
In the host Name field, enter any of these payloads:
<script> alert ("Hacked") </script>
The text was updated successfully, but these errors were encountered:
Exploit Title: beetel Moderm 777vr1 — Cross Site Scripting on the beetel 777vr1 via the Ping Diagnostic
Date: 2020–12–25
Exploit Author: VIVEK PANDAY
Version: Firmware Version V01.00.09_55 777VR1
Tested on Windows10
Linkedln Contact: https://www.linkedin.com/in/vivek-panday-796768149/
CVE-2020-36056
[Cross-site scripting] (XSS)
Cross site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web application. XSS differs from other web attack vectors (e.g., SQL injections), in that it does not directly target the application itself. Instead, the users of the web application are the ones at risk.
[Step To Reproduce]
The text was updated successfully, but these errors were encountered: