CVE-2018-14497: Tenda D152 ADSL routers allow XSS via a crafted SSID
Step 1:
Step 2:
Now change the SSID parameter name to <script>alert("sandip")</script>
Step 3:
Now everything is done. Now after the page reloads you will find that you will have a stored XSS as soon as you open General and then Basic Setup.
Steps are mentioned below:
Go to SSID parameter and change the name to <script>alert("sandip")</script>
Then press ok
Now when you reload the page it will show you a popup name sandip
No comments:
Post a Comment