Fiberhome AN5506-02-B with firmware version RP2521 suffers from a persistent cross site scripting vulnerability.
6468873259d857e4b7cda7bf2ece5a2b2508ecd08b9330bef4207248417b9146
# Exploit Title: FiberHome - AN5506-02-B - RP2521 - Authenticated Stored XSS
# Date: 10/08/2022
# Exploit Author: Leonardo Goncalves
# Version: Firmware RP2521
1) Log in the equipment via your web browser
2) Go to Network > auth_settings
3) In the "sncfg_loid" inject the payload "<script>alert()</script>"
4) Click Save
5) Exploit!