In my previous posts I mentioned that in order to compromise a LAN device from the Internet the attacker needs to exploit an XSS vulnerability in the device firmware. The limitations of this kind of attack are quite obvious. Let’s have a look at the exploitation process again.
First of all, the local LAN needs to be explored for live hosts, and then each host needs to be scanned with a URL Signature database in order to detect the firmware type and version. [...]