BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
ZTE ZXDSL 831 Multiple Cross Site Scripting Nov 06 2014 07:45PM
habte yibelo gmail com
TR-069 Client page: Stored. executes when users go to http://192.168.1.1/tr69cfg.html

http://192.168.1.1/tr69cfg.cgi?tr69cInformEnable=1&tr69cInformInterval=4
3200&tr69cAcsURL=http://acs.etc.et:9090/web/tr069%27;alert%280%29;//&tr6
9cAcsUser=cpe&tr69cAcsPwd=cpe&tr69cConnReqUser=itms&tr69cConnReqPwd=i...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus