Blackberry.com Open Redirect

Published
Credit
Risk
2014.10.14
Claudio Viviani
Low
CWE
CVE
Local
Remote
CWE-601
N/A
No
Yes

######################
# Exploit Title : blackberry.com Open redirect vulnerability.

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://www.blackberry.com

# Date : 2014-10-10

# Tested on : Windows 7 / Mozilla Firefox
Windows 7 / Chrome
Linux / Mozilla Firefox

######################

# Descritpion:

The website " www.blackberry.com " suffers from open redirect vulnerability.

######################

# PoC Exploit:

Redirection to any (phishing?) site:


http://www.blackberry.com/redirect/rdr?target=http://www.homelab.it


# PoC video is available at:

https://www.youtube.com/watch?v=xROTWKd5w9E


######################

Discovered By : Claudio Viviani
http://www.homelab.it

info@homelab.it
homelabit@protonmail.ch

https://www.facebook.com/homelabit
https://twitter.com/homelabit
https://plus.google.com/+HomelabIt1/
https://www.youtube.com/channel/UCqqmSdMqf_exicCe_DjlBww

#####################

References:

https://www.youtube.com/watch?v=xROTWKd5w9E


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com