
Cross site scripting(XSS) vulnerability in AIWAF in MONITORAPP by xcuter

kbgsft edited this page Jun 16, 2020 · 5 revisions

1. Summary

  • AIWAF is a Web Application Firewall. It comes in two product types: AIWAF and AIWAF-VE (for cloud).
  • MONITORAPP's AIWAF can defend against XSS attacks delivered through the web. However, the page that displays the "blocked" result is itself vulnerable to reflected XSS: the request data it reflects is not encoded before being written into the response.
  • CVE : CVE-2020-14210
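The defect described above is a block page that reflects request fields into HTML without encoding them. The following is an added example illustrating the pattern and its fix; it is not AIWAF's code, and the template, field names and sample request are constructed assumptions. It renders a generic block page two ways, once with raw string substitution (the vulnerable pattern) and once with HTML entity encoding of every reflected field, and includes a small check a tester or reviewer can run against a rendered page to see whether untrusted markup survived verbatim.

```python
import html
from dataclasses import dataclass


@dataclass
class BlockedRequest:
    """Fields a WAF block page commonly echoes back (constructed for this example)."""
    client_ip: str
    uri: str
    rule_name: str


# Hypothetical block-page template; the placeholders are filled from request data.
BLOCK_TEMPLATE = (
    "<html><body><h1>Request blocked</h1>"
    "<p>Client {ip} requested {uri}</p>"
    "<p>Matched rule: {rule}</p>"
    "</body></html>"
)


def render_block_page_unsafe(req: BlockedRequest) -> str:
    """Vulnerable pattern: request fields are substituted into HTML verbatim,
    so markup in the URI (or any other reflected field) becomes part of the page."""
    return BLOCK_TEMPLATE.format(ip=req.client_ip, uri=req.uri, rule=req.rule_name)


def render_block_page_safe(req: BlockedRequest) -> str:
    """Hardened pattern: every reflected field is HTML-entity-encoded.
    quote=True also encodes ' and \", which matters if a field ever lands in an attribute."""
    return BLOCK_TEMPLATE.format(
        ip=html.escape(req.client_ip, quote=True),
        uri=html.escape(req.uri, quote=True),
        rule=html.escape(req.rule_name, quote=True),
    )


def reflects_raw_markup(page: str, untrusted: str) -> bool:
    """Review check: True when an untrusted string that carries markup characters
    appears in the rendered page unchanged, i.e. it was reflected without encoding."""
    has_markup_chars = any(c in untrusted for c in "<>\"'")
    return has_markup_chars and untrusted in page


# Constructed sample request: the URI contains a harmless HTML tag so the
# difference between the two renderers is visible.
SAMPLE = BlockedRequest(
    client_ip="198.51.100.7",
    uri="/search?q=<b>hello</b>",
    rule_name="XSS-generic",
)

if __name__ == "__main__":
    for name, render in (("unsafe", render_block_page_unsafe), ("safe", render_block_page_safe)):
        page = render(SAMPLE)
        print(f"{name}: reflects raw markup = {reflects_raw_markup(page, SAMPLE.uri)}")
        print(page)
```

The check is deliberately simple: it only flags verbatim reflection, which is exactly the class of defect in this advisory. Encoding at the point of output (rather than relying on the WAF's inbound filtering) is what removes the issue, because the block page is rendered precisely for requests the inbound filter has already judged hostile.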

2. Payloads

3. Proof

  • pwned

  • response (source code)

4. How to find this vulnerability?

  • The "Web Security Checker" automatically diagnoses vulnerabilities in web services. It can diagnose the following vulnerabilities: SQL Injection, XSS, LFI, RFI, SSRF, File Upload, File Download, XXE, Command Injection, File Management, Directory Listing, Source Code Disclosure, URL Redirection, Insecure SSL/TLS, Mixed Content, and specific vulnerabilities (CVEs such as ShellShock).

  • https://www.ncloud.com/product/security/webSecurityChecker

5. Discoverer
