Dell SonicWALL Network Security Appliance NSA 6600 XSS

Published
Credit
Risk
2016.12.31
Gjoko 'LiquidWorm' Krstic
Low
CWE
CVE
Local
Remote
CWE-79
N/A
No
Yes

i>>?
Dell SonicWALL Network Security Appliance NSA 6600 Reflected XSS


Vendor: Dell Inc.
Product web page: https://www.sonicwall.com/products/sonicwall-nsa/
Affected version: NSA 6600 running SonicOS Enhanced 6.2.4.3-31n
WXA 4000 running 1.3.2.0-07
SafeMode 6.1.0.11

Summary: Uncompromising security and performance for emerging large organizations.
The NSA 6600 network security appliance delivers best-in-class protection, speed
and scalability with 12 Gbps throughput and up to 6000 VPN clients.

Desc: SonicWALL NSA suffers from a XSS issue due to a failure to properly sanitize
user-supplied input to the 'curUserName' GET parameter in the 'appFirewallSummary.html'
script. Attackers can exploit this weakness to execute arbitrary HTML and script code
in a user's browser session.

Tested on: SonicWALL
MySQL/5.0.96-community-nt
Apache-Coyote/1.1
Apache Tomcat 6.0.41


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
@zeroscience


Advisory ID: ZSL-2016-5391
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5391.php


26.01.2016

--


https://127.0.0.1/appFirewallSummary.html?curSrcAddrString=&curTSAIdNum=0&curUserName=test";alert('XSS')//

References:

http://www.zeroscience.mk/en/vulnerabilities/ZSL-2016-5391.php


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com