DZS Router Cross-Site Scripting Vulnerability in Wireless Security Passphrase Field

A Cross-Site Scripting (XSS) vulnerability has been identified in the DZS Router Web Interface, specifically within the WPA/WAPI Passphrase field of the Wireless Security settings for both the 2.4GHz and 5GHz bands. This vulnerability allows authenticated attackers to inject malicious JavaScript into the passphrase field. The injected script is stored and executed when an administrator views the passphrase using the 'Click here to display' option on the Status page.

Impact

Exploitation of this vulnerability allows for session hijacking and the ability to perform actions on behalf of the authenticated user.

Reproduction

To reproduce this vulnerability, log into the router's admin panel and navigate to the Wireless Security settings for either the 2.4GHz or 5GHz band. Inject a script payload into the WPA/WAPI Passphrase field and save the changes. Then, go to the Status page and use the 'Click here to display' option for the Password field. The injected script will execute in a pop-up window.

Remediation

The vendor should implement input sanitization in the WPA/WAPI Passphrase field to prevent the execution of injected scripts.