Monday, January 20, 2020

[sonoff] Sonoff TH Module Vuln #xss








Device Dimensions




Shodan indexed:




Home web, of the device:

  Input “Friendly name1” vulnerable a XSS persistent

Path: http://<host>/co


payload XSS: 

  x<img/src=x onerror(666)>





Models tested/vuln:
TH 10 / TH 16   Firmware 6.6.0.21


Saludos,


Ezequiel

Autor

0 comentarios:

Post a Comment

 
biz.