Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2020-36056 beetel Moderm 777vr1 — Cross Site Scripting on the beetel 777vr1 via the Ping Diagnostic #5

Open
VivekPanday12 opened this issue Jan 23, 2022 · 0 comments

Comments

@VivekPanday12
Copy link
Owner

Exploit Title: beetel Moderm 777vr1 — Cross Site Scripting on the beetel 777vr1 via the Ping Diagnostic

Date: 2020–12–25

Exploit Author: VIVEK PANDAY

Version: Firmware Version V01.00.09_55 777VR1

Tested on Windows10

Linkedln Contact: https://www.linkedin.com/in/vivek-panday-796768149/

CVE-2020-36056

[Cross-site scripting] (XSS)

Cross site scripting (XSS) is a common attack vector that injects malicious code into a vulnerable web application. XSS differs from other web attack vectors (e.g., SQL injections), in that it does not directly target the application itself. Instead, the users of the web application are the ones at risk.

[Step To Reproduce]

  1. Login to your router
  2. After signing
  3. Select for Maintance Mode
  4. Go to Ping Diagnostic option
  5. In the host Name field, enter any of these payloads: <script> alert ("Hacked") </script>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant