Skip to content

gh-ost00/CVE-2024-5420-XSS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 

Repository files navigation

Description

A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.

USAGE

nuclei --target http://192.168.1.1:8080/ -t CVE-2024-5420.yaml

Dork query

FOFA : title="utnserver Control Center"
SHODAN : SEH HTTP Server

About

SEH utnserver Pro/ProMAX / INU-100 20.1.22 - XSS

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published