InterWorx Web Control Panel Cross Site Scripting

2014.02.22
Credit: Eric Flokstra
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

============================================== Product: InterWorx Web Control Panel Vendor: InterWorx LLC Tested Version: 5.0.12 build 569 Vulnerability Type: Cross-Site Scripting [CWE-79] CVE Reference: CVE-2014-2035 Risk Level: Medium CVSSv2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) Solution Status: Fixed in Version 5.0.13 build 574 Discovered and Provided: Eric Flokstra (www.itsec.nl) ============================================== About the Vendor ------------------------- The InterWorx Hosting Control Panel is a web hosting and linux server management system that provides tools for server administrators to command their servers and for end users to oversee the operations of their website. Advisory Details: ------------------------- Reflected cross-site scripting (XSS) vulnerability in the InterWorx Web Control Panel. The application uses XMLHttpRequests to post messages to the web server. However, insufficient output encoding is performed enabling remote execution of arbitrary scripting code in the target's web browser. By changing the request method from POST to GET the following URL could be used as proof of concept: http://demo.interXworx.com:2080/xhr.php?i={%22r%22%3a%22Form_InputValidator%22%2c%22i%22%3a{%22form%22%3a%22Form_NW_Shell_ForbiddenUsers%22%2c%22ctrl%22%3a%22\%2fnodeworx\%2fshell%3Cimg%20src%3dx%20onerror%3dalert%28%27XSS%27%29%3E%22%2c%22input%22%3a%22forbidden_unix_users%22%2c%22value%22%3a%22moi%22%2c%22where_was_i%22%3a%22%2fnodeworx%2fshell%22}} Vendor contact timeline: ------------------------------------ 18 Feb 2014: Vendor notification 18 Feb 2014: Vulnerability confirmation 19 Feb 2014: Issue patched 20 Feb 2014: Public disclosure Solution: ------------ Upgrade to the latest version (5.0.13 build 574) of InterWorx Web Control Panel. References: ----------------- [1] InterWorx Changelog - http://www.interworx.com/developers/changelog/ [2] Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org [3] Common Weakness Enumeration (CWE) - http://cwe.mitre.org


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top