# Exploit Title: FLEX 1085 Web 1.6.0 - HTML Injection
# Date: 2021-11-21
# Exploit Author: Mr Empy
# Vendor Homepage: https://www.tem.ind.br/
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
# Version: 1.6.0
# Tested on: Android
FLEX 1085 Web - HTML Injection
The FLEX 1085 Web appliance is vulnerable to an HTML injection attack that
allows the injection of arbitrary HTML code.
Vulnerability Disclosure Schedule:
* October 19, 2021: An email was sent to support at 6:08MP.
* November 20, 2021: I didn't get any response from support.
* November 21, 2021: Vulnerability Disclosure
FLEX 1085 Web v1.6.0
Steps to Reproduce:
1. Open your browser and search for your device's IP address (http://<IP>).
2. Log in to the device's dashboard and go to "WiFi".
3. Use another device that has an access point and create a Wi-Fi network
called "<h1>HTML Injection</h1>" (no double quotes) and activate the access
4. Go back to the FLEX device and when scanning the new WiFi networks, the
new network will appear written "HTML Injection" in bold and with a larger
font size. (http://prnt.sc/20e51li)