ZyXEL P-660R-T1 V2 XSS Zeroday Vulnerability

I recently found a vulnerability in Zyxel P-660R T1 . Although the impact factor is quite low as it is an XSS (Cross site scripting) but still  a vulnerability is a vulnerability .

Xc0re Security Research Group

Disclaimer: [This code is for Educational Purposes , I would Not be responsible for any misuse of this code]

Exploit:

VECTOR : http://IP/Forms/home_1?&HomeCurrent_Date=‘ XSS Vector ‘01%2F01%2F2000

This works with the post request too ! As by default this value is sent through POST request.

Author : Usman Saeed , Xc0re Security Research Group.

 

 

Advertisements

About xc0re

I am a Security researcher and a consultant View all posts by xc0re

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: