Headline
Fiberhome AN5506-02-B Cross Site Scripting
Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.
Change Mirror Download
# Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS# Date: 10/08/2022# Exploit Author: Leonardo Goncalves# Version: Firmware RP25211) Log in the equipment via your web browser2) Go to Network > auth_settings3) In the "sncfg_loid" inject the payload "<script>alert()</script>"4) Click Save5) Exploit!