CVE-2024-2188 PoC — Cross-Site Scripting vulnerability in TP-Link Archer AX50

Source

https://github.com/hacefresko/CVE-2024-2188

Associated Vulnerability

Title:Cross-Site Scripting vulnerability in TP-Link Archer AX50 (CVE-2024-2188)
Description:Cross-Site Scripting (XSS) vulnerability stored in TP-Link Archer AX50 affecting firmware version 1.0.11 build 2022052. This vulnerability could allow an unauthenticated attacker to create a port mapping rule via a SOAP request and store a malicious JavaScript payload within that rule, which could result in an execution of the JavaScript payload when the rule is loaded.

Description

Exploit for stored XSS vulnerability found in the TP-Link Archer AX50 router.

Readme

# CVE-2024-2188

CVE-2024-2188 is a Stored XSS vulnerability in the TP-Link Archer AX50 router, affecting firmware version 1.0.11 build 2022052.
It occurs in the UPnP service, where command `AddPortMapping` allows attackers to create a new `PortMapping` entry without sanitizing user input for the `description` field.
This allows the attacker to inject HTML entities with malicious JavaScript that will be executed when visiting the tha UPnP tab in the NAT Forwarding admin page (`Advanced > NAT Forwarding > UPnP`).
If an authenticated user triggers the XSS, it allows an unatuthenticated attacker to perform actions as that authenticated user, potentially allowing further compromise of the device

File Snapshot


 [4.0K]  /data/pocs/4380785eafef3ea001ea7bf99f5c617bd9ff30aa
├── [1.9K]  PoC.py
└── [ 701]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!