CVE-2023-30405 in Wireless-N Repeater Mini_Router
Summary
by MITRE • 04/29/2023
A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl_ssid parameter at /boafrm/formHomeWlanSetup.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 12/23/2025
This cross-site scripting vulnerability exists in the Aigital Wireless-N Repeater Mini_Router firmware version 0.131229 where the web interface fails to properly sanitize user input submitted through the wl_ssid parameter. The vulnerability is located within the /boafrm/formHomeWlanSetup endpoint which processes wireless network setup configurations. Attackers can exploit this flaw by injecting malicious scripts or HTML content into the ssid field, which then gets reflected back to users who visit the affected page. The vulnerability represents a classic reflected XSS attack vector where malicious input is immediately executed in the victim's browser context without proper input validation or output encoding.
The technical flaw stems from insufficient sanitization of the wl_ssid parameter, which allows arbitrary HTML and JavaScript code to be stored and subsequently executed when the page is rendered. This occurs because the application does not properly encode or escape special characters in user-supplied input before displaying it back to users. The vulnerability affects the web-based management interface of the wireless repeater, making it accessible to remote attackers who can craft malicious payloads through the web form. This type of vulnerability falls under CWE-79 which specifically addresses cross-site scripting flaws in web applications. The attack vector is particularly dangerous because it enables attackers to execute malicious scripts in the context of the victim's browser session, potentially allowing for session hijacking, credential theft, or redirection to malicious sites.
The operational impact of this vulnerability extends beyond simple script execution as it provides attackers with a foothold for more sophisticated attacks within the local network. An attacker who successfully exploits this vulnerability could potentially redirect users to phishing sites, steal session cookies, or inject malicious content that could compromise the entire wireless network. The vulnerability affects not only the device itself but also any users who access the web interface, creating a potential attack surface that could be leveraged for broader network infiltration. This vulnerability aligns with ATT&CK technique T1566.001 which covers credential access through phishing attacks, as attackers could use the XSS to redirect users to malicious sites that attempt to harvest credentials. The exposure of this vulnerability in a wireless networking device also represents a significant risk to enterprise and home networks, as these devices often serve as entry points for more extensive network breaches.
Mitigation strategies should focus on implementing proper input validation and output encoding mechanisms within the web application. The firmware should be updated to sanitize all user inputs, particularly those used in HTML contexts, by implementing proper HTML escaping and character encoding. Additionally, implementing a content security policy (CSP) would provide an additional layer of protection against XSS attacks by restricting the sources from which scripts can be executed. Network administrators should also consider implementing network segmentation and access controls to limit exposure of these devices to untrusted networks. The most effective long-term solution involves upgrading to firmware versions that have addressed this specific vulnerability, as the manufacturer has likely released patches to correct the input validation issues. Regular security assessments and vulnerability scanning of network devices should be conducted to identify similar issues in other network infrastructure components.