vendor: DIR-615
by: Sayan Chatterjee
CVSS: 4.8 (MEDIUM)
Persistent Cross Site Scripting (XSS)
CWE: 79
Product Name: DIR-615
Affected Version From: 20.07
Affected Version To: 20.07
Patch Exists: YES
Related CWE: CVE-2018-10110
CPE: h:d-link:dir-615
Other Scripts: N/A
Platforms Tested: Windows 10
2018
D-Link DIR-615 Wireless Router – Persistent Cross Site Scripting (XSS)
A vulnerability in the D-Link DIR-615 Wireless Router allows an attacker to inject malicious JavaScript code into the router's web interface. Because the injected code is persistent, it is executed in the browser of a user who later loads the affected page, in the context of the router's web interface. This allows the attacker to perform malicious activities such as stealing session cookies or redirecting users to malicious websites. The vulnerability exists due to insufficient validation of user-supplied data in the router's web interface. An attacker can exploit it by sending a specially crafted HTTP request to the router's web interface.
Mitigation:
The vendor has released a patch to address this vulnerability. Users are advised to update their router's firmware to the latest version.