Input validation

2019-06-1720:15:00

PRIOn knowledge base

www.prio-n.com

7.4 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.0%

JSON

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides a shell script called connect.sh which is supposed to return a specific cookie for the user when the user is authenticated to https://home.getvera.com. One of the parameters retrieved by this script is “RedirectURL”. However, the application lacks strict input validation of this parameter and this allows an attacker to execute the client-side code on this application.

CPENameOperatorVersion
veraedge_firmwarele1.7.19
veralite_firmwarele1.7.481

CPE	Name	Operator	Version
	veraedge_firmware	le	1.7.19
	veralite_firmware	le	1.7.481

References

packetstormsecurity.com/files/153242/Veralite-Veraedge-Router-XSS-Command-Injection-CSRF-Traversal.html

github.com/ethanhunnt/IoT_vulnerabilities/blob/master/Vera_sec_issues.pdf

seclists.org/bugtraq/2019/Jun/8