TP-LINK TL-WR740N - Multiple HTML Injection

Author: Shujaat Amin (ZEROXINN)
type: webapps
platform: hardware
port: 
date_added: 2024-02-02  
date_updated: 2024-02-02  
verified: 0  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 51769.txt  
# Exploit Title: TP-LINK TL-WR740N - Multiple HTML Injection Vulnerabilities
# Date: 25/9/2023
# Exploit Author: Shujaat Amin (ZEROXINN)
# Vendor Homepage: http://www.tp-link.com
# Version: TP-Link TL-WR740n 3.12.11 Build 110915 Rel.40896n
# Tested on: Windows 10

---------------------------POC-----------------------------

1) Go to your routers IP (192.168.0.1)

2) Go to Access control --> Target,rule

3) Click on add new

5) Type <h1>Hello<h1> in Target Description box

6) Click on Save, and now you can see html injection on the webpage