iBall Router -WRB304N 300M Persistent Cross-Site Scripting CVE-2020-7986

A stored, cross-site scripting (XSS) flaw was found in iB-WRB304N version 1.0.0. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a iBall WRB304N router, allowing for the execution and persistent storage of arbitrary scripts.

VULNERABLE PARAMETER

/GOFORM/FROMSETDDNS

STEPS TO REPRODUCE

1, LOGIN TO THE ROUTER

2,NAVIGATE TO ADVANCED ==> DDNS

3, INSERT PAYLOAD IN USERNAME <script>alert(123);</script> & SAVE IT

4, VISIT TOOLS ==> LOGS

5, REBOOT ROUTER . STILL IT POPS UP

Timeline
================

2019–08–04: Discovered
2019–08–05: Vendor notification
2019–08–10: Vendor feedback received
2019–09–20: Reminder sent
2019–11–08: 2nd reminder sent
2019–12–20: No more feedback received from the vendor
2020–01–11: New issues found
2020–01–25: Public Disclosure

Discovered by:
VELAYUTHAM SELVARAJ aka LAWWAY


================

admin

Your Turn To Talk

Leave a reply:

Your email address will not be published.

13 + 7 =