DIGISOL DG-BR4000NG – Cross-Site Scripting | CVE-2018-12705

CVE-2018-12705 : DIGISOL WIRELESS ROUTER DG-BR4000NG XSS PROOF OF CONCEPT

CVE-2018-12705 discovered by ICSS team member Adipta Basu who is our ex-student and presently working as a faculty member with us. The Exploit is published on Exploit-DB on 25-06-2018. It’s an achievement for Indian Cyber Security Solutions. The Exploit details are as follows:

Exploit Title: DIGISOL DG-BR4000NG – Cross-Site Scripting

Date: 24-06-2018

CVE: CVE-2018-12705

Author: Adipta Basu

Overview:

The Specified router founded as vulnerable to Cross-Site Scripting. This vulnerability is still a zero day, being 24th of June 2018. To exploit the vulnerability, the following steps were taken:

Step 1:

Connect to the Wifi network and open the Gateway. Done it by opening 192.168.2.1 .

 

CVE-2018-12705

 

Step 2:

Press General Setup and change the SSID to something else that can be accepted. setted it as “testing”.

 

DG

 

Step 3:

Open BurpSuite and the change the proxy settings of the internet browser so that Burp can intercept the data. After that hit apply on the Digisol page that is already open.

Step 4:

Now Burp will intercept the data, and now just change the SSID parameter form “testing” to “<script>alert(“ADIPTA”)</script> and then forward the intercept.

Now everything is done. Now after the page reloads after you join the newly named Wifi network, you will find that you will have a stored XSS as soon as you open General and then Basic Setup. The outcome will look like:

 

Burp

 

Reproduction steps are mentioned below:

-Goto your Wifi Router Gateway [i.e: http://192.168.2.1]

-Go to –> “General Setup” –> “Wireless” –> “Basic Settings”

-Open BurpSuite

-Change the SSID to “Testing” and hit “Apply”

-Burp will capture the intercepts.

-Now change the SSID to <script>alert(“ADIPTA”)</script>

-Refresh the page, and you will get the “ADIPTA” pop-up

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar

Networking Training in Bangalore

Networking Training in Hyderabad

Networking Training in Bhubaneswar

Advance Python Training in Hyderabad

Advance Python Training in Bangalore

Advance Python Training in Bhubaneswar

Amazon Web Services Training in Hyderabad

Amazon Web Services Training in Bangalore

Amazon Web Services Training in Bhubaneswar

Certified Ethical Hacker Certification – C | EH v10

Computer Forensic Training in Kolkata

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Testing training

Ethical Hacking  training

Internet Of Things Training

Internet Of Things Training Hyderabad

Embedded System Training

Digital Marketing Training

Machine Learning Training

Python Programming training

Android Training in Bangalore

Android Training in Hyderabad

Android Training in Bhubaneswar

Diploma in Network Security Training

Android Development  training

Secured Coding in Java

Certified Network Penetration Tester 

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advance Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

 

Cybersecurity services that can protect your company:

Web Security | Web Penetration Testing

Network Penetration Testing – NPT

Android App Penetration Testing

Source Web Development

Source Code Review

Android App Development

Digital Marketing Consultancy

Data Recovery

 

Other Location for Online Courses:

Bhubaneswar

Bangalore

Hyderabad


Show Buttons
Hide Buttons