CVE-2019-13491

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-13491. PoCs published by ABDO10.

AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Tenda D301 v2 modem routers. The payload is injected into the wireless security password field, triggering when the 'click to display' button is pressed.

Description

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Exploits (1)

exploitdb WORKING POC

by ABDO10 · textwebappshardware

https://www.exploit-db.com/exploits/47107

View Code ZIP pw:eip

This exploit demonstrates a stored XSS vulnerability in Tenda D301 v2 modem routers. The payload is injected into the wireless security password field, triggering when the 'click to display' button is pressed.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Tenda D301 v2 Modem Router

Auth required

Prerequisites: Access to the router's admin interface · Valid credentials to modify wireless settings

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting

Exploitation Summary

Description

Exploits (1)

Details