# Exploit Title: Linksys EA7500 2.0.8.194281 - Cross-Site Scripting # Date: 3/24/21 # Exploit Author: MiningOmerta # Vendor Homepage: https://www.linksys.com/ # Version: EA7500 Firmware Version: 2.0.8.194281 # CVE: CVE-2012-6708 # Tested On: Linksys EA7500 (jQuery version 1.7.1) # Cross-Site Scripting Vulnerability on modern versions of Linksys Smart-Wifi home routers. # Caused by outdated jQuery(strInput) version : <= 1.7.1 (Fixed in version 1.9.0) # Credit also to Reddit user michael1026 ### POC ### 1. When logging into the router (http://LHOST or http://LHOST:10080), choose "Click Here" next to "Dont Have an Account? " or Choose "click here" after "To login with your Linksys Smart Wi-Fi account", you will be redirected with a login prompt with both Email Address and Password forms. 2. Make your email address "<img src=0 onerror=alert(XSS)>" without the double quotes. 3. Payload will be triggered when mouse is clicked anywhere within the Email Address form box or when form is submitted.