VYPR
Unrated severity · NVD Advisory · Published Apr 28, 2023 · Updated Jan 30, 2025

CVE-2023-30405

Description

A cross-site scripting (XSS) vulnerability in Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl_ssid parameter at /boafrm/formHomeWlanSetup.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Cross-site scripting in Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to inject arbitrary scripts via the wl_ssid parameter.

Vulnerability

A cross-site scripting (XSS) vulnerability exists in the Aigital Wireless-N Repeater Mini_Router firmware version 0.131229. The flaw is located in the /boafrm/formHomeWlanSetup endpoint, where the wl_ssid parameter is not properly sanitized before being reflected in the response. This allows an attacker to inject arbitrary HTML or JavaScript code [1].

Exploitation

An attacker can exploit this vulnerability by crafting a malicious payload and injecting it into the wl_ssid parameter via a GET or POST request to the vulnerable endpoint. The attacker must have network access to the router's web interface, but no authentication is required. The payload is executed when an administrator or user views the affected page [1].

Impact

Successful exploitation enables the attacker to execute arbitrary web scripts in the context of the victim's browser. This can lead to session hijacking, defacement of the router's web interface, or redirection to malicious sites. The attacker gains the ability to perform actions on behalf of the authenticated user, potentially compromising the router's configuration [1].

Mitigation

As of the publication date, no official patch or fixed version has been released by Aigital. Users are advised to restrict network access to the router's web interface, use strong administrative credentials, and monitor for suspicious activity. If possible, consider replacing the device with a supported alternative [1].
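
The monitoring advice above can be applied to proxy or capture records by flagging requests to the affected endpoint whose wl_ssid value carries HTML markup characters once decoded. This is an added example, not code from the advisory or the vendor; the function names, the decoding depth, the SSID length check and the sample requests are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/boafrm/formHomeWlanSetup"  # endpoint named in the advisory
PARAM = "wl_ssid"                       # parameter named in the advisory
MARKUP = re.compile(r"[<>\"']")         # characters that can leave an HTML text/attribute context
MAX_SSID_BYTES = 32                     # IEEE 802.11 limits an SSID to 32 octets


def fully_decode(value, rounds=3):
    """Undo nested percent-encoding, e.g. %253C -> %3C -> <."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_request(target, body=""):
    """Return (reason, decoded_ssid) findings for one request target and form body."""
    parts = urlsplit(target)
    if parts.path != ENDPOINT:
        return []
    findings = []
    for raw in (parts.query, body):  # the advisory mentions both GET and POST
        for value in parse_qs(raw, keep_blank_values=True).get(PARAM, []):
            ssid = fully_decode(value)
            if MARKUP.search(ssid):
                findings.append(("markup", ssid))
            elif len(ssid.encode("utf-8")) > MAX_SSID_BYTES:
                findings.append(("too_long", ssid))
    return findings


# Constructed sample requests (request target, form body); not captured traffic.
SAMPLES = [
    ("/boafrm/formHomeWlanSetup", "wl_ssid=HomeNet-2G"),
    ("/boafrm/formHomeWlanSetup?wl_ssid=%3Cb%3Etest%3C%2Fb%3E", ""),
    ("/boafrm/formHomeWlanSetup", "wl_ssid=%253Cb%253Etest"),
    ("/boafrm/formHomeWlanSetup", "wl_ssid=" + "A" * 40),
    ("/index.html?wl_ssid=%3Cb%3E", ""),
]

if __name__ == "__main__":
    for target, body in SAMPLES:
        print(target, body, "->", inspect_request(target, body))
```

A legitimate SSID containing an apostrophe is also flagged, so findings are a review queue rather than a verdict.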

References
  1. Packet Storm

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

Patches

0

No patches discovered yet.
