2022-01-15 20:35:33 +00:00
id : CVE-2017-15287
info :
2022-04-29 19:58:07 +00:00
name : Dreambox WebControl 2.0.0 - Cross-Site Scripting
2022-01-15 20:35:33 +00:00
author : pikpikcu
severity : medium
2022-04-29 19:58:07 +00:00
description : |
Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 13:22:34 +00:00
remediation : |
Upgrade to a patched version of Dreambox WebControl or apply appropriate input sanitization to prevent XSS attacks.
2022-04-22 10:38:41 +00:00
reference :
- https://fireshellsecurity.team/assets/pdf/Vulnerability-XSS-Dreambox.pdf
- https://www.exploit-db.com/exploits/42986/
2022-04-29 19:58:07 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2017-15287
2022-01-15 20:36:52 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2022-01-15 20:36:52 +00:00
cve-id : CVE-2017-15287
cwe-id : CWE-79
2023-07-11 19:49:27 +00:00
epss-score : 0.00129
2024-01-14 13:49:27 +00:00
epss-percentile : 0.47426
2023-09-06 13:22:34 +00:00
cpe : cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : bouqueteditor_project
product : bouqueteditor
2023-09-06 13:22:34 +00:00
framework : dreambox
2024-01-14 09:21:50 +00:00
tags : cve,cve2017,dreambox,edb,xss,bouqueteditor_project
2022-01-15 20:35:33 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-01-15 20:35:33 +00:00
- raw :
- |
GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1
Host : {{Hostname}}
Content-Type : application/x-www-form-urlencoded
matchers :
- type : word
words :
- 'Unknown command : <script>alert(document.cookie)</script>'
2024-01-14 14:05:19 +00:00
# digest: 490a0046304402206c61653a0972775ca878500b18fe9bd62710351751921be04a68c0df7ad7c961022064ecf4fefb2e1eb354f6691c8e7708f01ec373d872f8d4403b281fdf96a29475:922c64590222798bb761d5b6d8e72950