Exploit for Cyberoam NetGenie Cross Site Scripting CVE-2021-38702

Name: Exploit for Cyberoam NetGenie Cross Site Scripting CVE-2021-38702
Rating: 5 (200 reviews)

2021-08-17 | CVSS 0.0

## https://sploitus.com/exploit?id=PACKETSTORM:163859
# Title: Cyberoam NetGenie (C0101B1-20141120-NG11VO) - Reflected Cross Site Scripting (XSS)  
# Date: 14.08.2021   
# Credit: Gionathan "John" Reale   
# Firmware Version: C0101B1-20141120-NG11VO  
# CVE-2021-38702  
################################################################################  
  
DESCRIPTION:  
  
Cyberoam NetGenie C0101B1-20141120-NG11VO devices through 2021-08-14 allow tweb/ft.php?u=[XSS] attacks.  
  
POC:  
  
After connecting to the network via the NetGenie router a page is displayed suggesting a redirect, within the redirect parameter it is possible to execute reflected Cross Site Scripting, the component affected is "hxxp:/URL/tweb/ft.php?u="