Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Author: ABDO10
type: webapps
platform: hardware
port: 80
date_added: 2019-07-12  
date_updated: 2019-07-12  
verified: 0  
codes: CVE-2019-13491  
tags: Cross-Site Scripting (XSS)  

raw file: 47107.txt  
# Exploit Title: Tenda D301 v2 modem router stored XSS CVE-2019-13492
# Exploit Author: ABDO10
# Date : July, 11th 2019
# Product : Tenda D301 v2 Modem Router
# version : v2
# Vendor Homepage: https://www.tp-link.com/au/home-networking/dsl-modem-router/td-w8960n/
# Tested on: Linux
# CVE : 2019-13491


# PoC Instructions:
/*******************************************************************************************************************/
> 1 - Open the modem router in a web browser (default: 192.168.1.1)
> 2 - Click on Advanced -> Wireless -> Security
> 3 - Fill in this payload as the password: <img src="xy" OnError=prompt(document.cookie)>
> 4 - Click on "click to display"
/*******************************************************************************************************************/
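
A defensive illustration of the flaw the steps above trigger, added here and not part of the original advisory or the Tenda firmware: the PoC string is itself a valid WPA passphrase (8-63 printable ASCII characters), so input validation cannot reject it and the fix has to be output encoding where the stored key is displayed. The function names, the `wpa-key` markup and the unsafe concatenation pattern are assumptions.

```javascript
// Added example. Names and markup are hypothetical, not taken from the firmware.

// WPA/WPA2-PSK passphrase rule: 8-63 printable ASCII characters (0x20-0x7E).
function isValidWpaPassphrase(s) {
  return typeof s === "string" && /^[\x20-\x7E]{8,63}$/.test(s);
}

// Encode the characters that are significant in HTML text and attribute contexts.
const HTML_ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Assumed vulnerable pattern: the stored key is concatenated into markup as-is,
// so any tag it contains becomes a live element when the page displays it.
function renderPassphraseUnsafe(stored) {
  return '<span id="wpa-key">' + stored + "</span>";
}

// Hardened pattern: the stored key is encoded at output, so it renders as text.
// (In client-side code, assigning to element.textContent achieves the same.)
function renderPassphraseSafe(stored) {
  return '<span id="wpa-key">' + escapeHtml(stored) + "</span>";
}

// The string from step 3 of the PoC, used here only as test input.
const POC = '<img src="xy" OnError=prompt(document.cookie)>';

function demo() {
  return {
    // true: a length/charset check alone does not stop the stored XSS
    acceptedByValidation: isValidWpaPassphrase(POC),
    // true: the unsafe renderer emits a real <img> tag
    unsafeHasLiveTag: /<img\b/i.test(renderPassphraseUnsafe(POC)),
    // false: the hardened renderer emits &lt;img ... &gt; instead
    safeHasLiveTag: /<img\b/i.test(renderPassphraseSafe(POC)),
    safeMarkup: renderPassphraseSafe(POC),
  };
}

console.log(demo());
```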