| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAN++2UyQ1Z6qO+vapjj8SVdZ7+YE_JEaY23jYQXHBmiWcHmmjg@mail.gmail.com> Date: Thu, 14 Nov 2019 22:24:08 +0300 From: okan coskun <okancoskun2@...il.com> To: fulldisclosure@...lists.org Subject: [FD] Stored XSS Vulnerability on TP-Link Archer VR300 v1 I. VULNERABILITY ------------------------- Stored XSS Vulnerability on TP-Link Archer VR300 v1 - firmware version: 1.3.0 0.8.0 v007b.1 build 180905 Rel.55344n II. CVE REFERENCE ------------------------- - III. VENDOR ------------------------- https://www.tp-link.com/ IV. TIMELINE ------------------------- 04/10/2018 Vulnerability discovered 05/10/2018 Vendor contacted no Response V. CREDIT ------------------------- Okan Coşkun from Biznet Bilisim A.S. Halil Arı From Biznet Bilisim A.S VI. DESCRIPTION ------------------------- Tp-Link Router interface is affected by stored XSS vulnerability. A remote attacker could steal victims cookie or redirect victim to malicious site. VII. PROOF OF CONCEPT ------------------------- Affected Component: VPN Name Path(inurl): /cgi?3 Affected parameter: connName On TP-Link Router Interface adding VPN configurations with malicious VPN Name could execute arbitrary javascript. _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists