Fiberhome AN5506-02-B Cross Site Scripting
Authored by Leonardo Goncalves

Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.

SHA-256: 6468873259d857e4b7cda7bf2ece5a2b2508ecd08b9330bef4207248417b9146
# Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS
# Date: 10/08/2022
# Exploit Author: Leonardo Goncalves
# Version: Firmware RP2521
1) Log in to the equipment via your web browser
2) Go to Network > auth_settings
3) In "sncfg_loid", inject the payload "<script>alert()</script>"
4) Click Save
5) Exploit!
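
For anyone fixing or auditing a management UI with this class of bug, the sketch below is an added example (not FiberHome firmware code and not from the advisory author) that puts the vulnerable rendering of a stored "sncfg_loid" value beside an output-encoded one and a save-time check. The function names, the table-cell markup and the LOID allowlist (1-24 letters, digits, "-" and "_") are assumptions made for illustration.

```javascript
// Added illustration; not FiberHome firmware code. Function names, markup
// and the LOID allowlist are assumptions.

// Escape the five characters that are significant in HTML text and attributes.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable pattern: the stored value is concatenated into the page unchanged,
// so markup saved in the field is parsed by every browser that loads the page.
function renderLoidUnsafe(stored) {
  return '<td>LOID</td><td>' + stored + '</td>';
}

// Hardened pattern: encode at output time. This also neutralises values that
// were stored before any input validation was introduced.
function renderLoidSafe(stored) {
  return '<td>LOID</td><td>' + escapeHtml(stored) + '</td>';
}

// Save-time validation against an assumed allowlist.
const LOID_PATTERN = /^[A-Za-z0-9_-]{1,24}$/;
function validateLoid(input) {
  return typeof input === 'string' && LOID_PATTERN.test(input);
}

// Save handler: reject invalid input instead of trying to strip tags from it.
function saveLoid(store, input) {
  if (!validateLoid(input)) {
    return { ok: false, error: 'invalid LOID' };
  }
  store.sncfg_loid = input;
  return { ok: true };
}
```

Output encoding is the primary fix here; the allowlist is defence in depth and should be adjusted to whatever LOID format the operator actually provisions.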


