Vendor: NETGEAR
Reported by: Dolev Farhi
CVSS: 7.5 (HIGH)
CWE: 79 (Persistent Cross Site Scripting)
Product Name: DGN2200 Wireless ADSL Router
Affected Version From: 1.0.0.29_1.7.29_HotS
Affected Version To: 1.0.0.29_1.7.29_HotS
Patch Exists: YES
Related CWE: N/A
CPE: h:netgear:dgn2200
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2014
Stored XSS Vulnerability in NETGEAR DGN2200 Web interface
The web interface of the NETGEAR DGN2200 ADSL router is vulnerable to stored (persistent) cross-site scripting in the QoS (Quality of Service) administration page, which is reachable only in 'Expert Mode'. The 'QoS Policy for:' field of a QoS rule accepts arbitrary input, and the stored value is later written back into the QoS page without HTML encoding, so script supplied in that field executes in the browser of any administrator who views the page. Planting the payload requires an authenticated session, but once stored it persists across page loads and fires on every subsequent visit to the QoS page.

Steps to reproduce:
1. Log in to the router's web interface.
2. Enter Expert Mode and navigate to the QoS page.
3. Add a QoS rule, or edit an existing one.
4. In the 'QoS Policy for:' field enter <script>alert('XSS')</script> and click Apply.
5. Navigate to another page, then back to the QoS page: the injected script runs and the alert dialog appears.
Mitigation:
Update to a firmware version that includes the fix (a patch exists). At the code level, HTML-encode stored values such as the QoS policy name at the point where they are written into a page (output encoding for the HTML context), and validate them against an allowlist of expected characters and a length limit before they are stored. Input validation alone is not sufficient; the encoding on output is what prevents a stored value from being interpreted as markup.
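The following is an added example, not code from the advisory or from NETGEAR's firmware, that illustrates both the flaw described above and the mitigation: a vulnerable renderer that concatenates the stored 'QoS Policy for:' value straight into HTML, a fixed renderer that HTML-escapes it, and an allowlist validator applied on input. The table markup, the allowed character set and the 32-character limit are assumptions made for the example; the sample rules are constructed and include the payload quoted in the advisory.

```python
import html
import re

# Constructed sample rules, as an administrator would enter them in the QoS
# page. The second entry is the payload quoted in the advisory.
SAMPLE_RULES = [
    {"policy": "VoIP_Phone", "priority": "Highest"},
    {"policy": "<script>alert('XSS')</script>", "priority": "Low"},
]

# Hypothetical table row; the real firmware's markup is not on the page.
ROW_TEMPLATE = "<tr><td>{policy}</td><td>{priority}</td></tr>"


def render_rows_vulnerable(rules):
    """Reproduces the flaw: stored values are concatenated into HTML verbatim,
    so a policy name containing markup becomes live markup in the page."""
    return "\n".join(ROW_TEMPLATE.format(**rule) for rule in rules)


def render_rows_fixed(rules):
    """Contextual output encoding: every stored value is HTML-escaped before it
    is placed in an HTML text node, so '<' arrives as '&lt;' and cannot open a tag."""
    return "\n".join(
        ROW_TEMPLATE.format(
            policy=html.escape(rule["policy"], quote=True),
            priority=html.escape(rule["priority"], quote=True),
        )
        for rule in rules
    )


# Hypothetical allowlist for a QoS policy name: letters, digits, space, '_',
# '.', '-', at most 32 characters. Validation on input complements escaping on
# output; it does not replace it.
POLICY_NAME_RE = re.compile(r"[A-Za-z0-9 _.\-]{1,32}")


def validate_policy_name(name):
    """Return True only if the whole name matches the allowlist."""
    return POLICY_NAME_RE.fullmatch(name) is not None


# Crude check used to show the difference between the two renderers:
# does the fragment contain an actual (unescaped) <script> tag opener?
SCRIPT_OPENER_RE = re.compile(r"<\s*script\b", re.IGNORECASE)


def contains_live_script(fragment):
    return SCRIPT_OPENER_RE.search(fragment) is not None


if __name__ == "__main__":
    print("vulnerable renderer, script live:",
          contains_live_script(render_rows_vulnerable(SAMPLE_RULES)))
    print("fixed renderer, script live:",
          contains_live_script(render_rows_fixed(SAMPLE_RULES)))
    for rule in SAMPLE_RULES:
        print(repr(rule["policy"]), "accepted:",
              validate_policy_name(rule["policy"]))
```

Running the script shows the payload surviving as a live tag in the vulnerable output, arriving as inert text (`&lt;script&gt;...`) in the fixed output, and being rejected by the allowlist before it would ever be stored.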