Skip to content

miguelhamal/CVE-2019-19393

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Rittal CMC PU III – Stored XSS PoC

Application: Rittal CMC PU III Web management

Devices: CMC PU III 7030.000

Software Revision: From V3.11.00_2 to V3.15.70_4

Hardware Revision: From V3.00 to V6.01

Attack type: Stored XSS

Solution: Update to Software Revision V3.17.10 or later

Summary: Web application fails to sanitize user input on system configurations page. This allows attacker to backdoor the device with HTML and browser interpreted content (such as JS or other client-side scripts) as the content is displayed always after and before login. Persistent XSS allows attacker to modify displayed content or to change the victim's information. Successful exploitation requires access to the web management interface either with valid credentials or hijacked session.

Technical Description: See CVE-2019-19393.pdf

Timeline:

  • 2019-11-11 Issues discovered
  • 2019-11-28 First contact with vendor via e-mail
  • 2020-03-02 Second contact with vendor via e-mail
  • 2020-03-02 Vendor response. XSS vulnerabilities were already detected, and would be patched in the next release
  • 2020-08-20 New Software Version release. V3.17.10
  • 2020-09-28 Vulnerability patch confirmed

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published