
Wavlink WN533A8 Cross-Site Scripting

Wavlink is a wireless network and comprehensive IT peripherals brand that serves countries around the world.
Its product offerings include the Wavlink WN533A8, a wireless router with tri-band Wi-Fi technology that adds another independent stream of communication onto 5 GHz to increase network bandwidth.

Cross-Site Scripting
Cross-Site Scripting (XSS) attacks are a type of injection attack that occurs when malicious scripts are injected into otherwise benign and trusted websites. An attacker then uses a web application to send malicious code, generally in the form of a browser side script, to the end user.

XSS attacks abuse the dynamic way websites interact with browsers. These attacks make it possible for an attacker to control the victim’s browser and its interaction with a given vulnerable website. Injection attacks display back content provided or controlled by a user, such as a URL parameter or an input field. This opens the door to manipulation of the content.
When the website or application simply reflects back content maliciously manipulated by a user, it is called a reflected XSS attack. This reflection affects the way browsers display the page, how they behave, and how they process things.

Wavlink WN533A8 Cross-Site Scripting | CVE-2022-34048
Wavlink WN533A8 M33A8.V5030.190716 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the login_page parameter.
The application fails to validate and sanitize input, leading to XSS. When malicious code is passed to the vulnerable login_page parameter, it is reflected back to the victim’s browser. Since the code comes from a “trusted” server, the browser then executes it. This could lead to disclosure of a user’s session cookie, which in turn could allow the attacker to hijack the user’s session and take over the account.
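
The missing validation and output encoding described above can be shown side by side in a small added example; this is not Wavlink firmware code and not part of the original post. The response template, the allow-list pattern for login_page values, the default page name and the sample query strings are all constructed assumptions, since the post does not show how the firmware uses the parameter.

```python
import html
import re
from urllib.parse import parse_qs

# Assumption: a legitimate login_page value is a short page name such as
# "login.shtml"; the values the real firmware accepts are not given in the post.
ALLOWED_PAGE = re.compile(r"[A-Za-z0-9_-]{1,32}\.(?:s?html?)")

# Constructed template standing in for a response that echoes the parameter.
TEMPLATE = '<input type="hidden" name="login_page" value="{value}">'


def render_unsafe(query: str) -> str:
    """The flaw class described above: the decoded value is reflected verbatim."""
    value = parse_qs(query).get("login_page", [""])[0]
    return TEMPLATE.format(value=value)


def render_hardened(query: str, default: str = "login.shtml") -> str:
    """Validate against an allow-list, then encode for the HTML attribute context."""
    value = parse_qs(query, keep_blank_values=True).get("login_page", [default])[0]
    if not ALLOWED_PAGE.fullmatch(value):
        value = default  # anything that is not a plain page name is discarded
    # quote=True also encodes " and ', which matters inside an attribute value.
    return TEMPLATE.format(value=html.escape(value, quote=True))


def looks_like_injection(query: str) -> bool:
    """Log-review helper: flag any login_page value that fails the allow-list."""
    values = parse_qs(query, keep_blank_values=True).get("login_page", [])
    return any(not ALLOWED_PAGE.fullmatch(v) for v in values)


# Constructed sample query strings (not captured traffic).
BENIGN = "login_page=login.shtml&lang=en"
TAINTED = "login_page=%22%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E"

if __name__ == "__main__":
    for q in (BENIGN, TAINTED):
        print(looks_like_injection(q), render_hardened(q))
```

Validation and encoding are applied together on purpose: the allow-list rejects unexpected input, and the encoding keeps the output safe if the allow-list is later loosened.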

 

SonicWall Capture Labs provides protection against this threat via the following signature:

  • IPS 1326: Wavlink WN533A8 Cross-Site Scripting

Threat Graph