ServersCheck Monitoring Software Cross Site Scripting

2017.12.22
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 3.5/10
Impact Subscore: 2.9/10
Exploitability Subscore: 6.8/10
Exploit range: Remote
Attack complexity: Medium
Authentication: Single time
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

# Exploit Title: ServersCheck Monitoring Software before 14.2.3 Cross-site scripting vulnerability # CVE: CVE-2017-17832 # Date: 21-12-2017 # Exploit Author: Aloyce J. Makalanga # Contact: https://twitter.com/aloycemjr <https://twitter.com/aloycemjr> # Vendor Homepage: http://serverscheck.com # Category: webapps # Attack Type: Remote # Impact: Data/Cookie theft ***Disclosure Timeline*** 20-12-2017 - Vulnerability discovered 20-12-2017 - Vulnerability reported to the vendor 21-12-2017 - Vendor responded indicating that a patch will be available within 24 hours 21-12-2017 - Patch released (See https://serverscheck.com/monitoring-software/release.asp <https://serverscheck.com/monitoring-software/release.asp> ) 1. Description ServersCheck Monitoring Software before 14.2.3 is prone to a cross-site scripting vulnerability as user supplied-data is not validated/sanitized when passed in the settings_SMS_ALERT_TYPE parameter, and JavaScript can be executed on settings-save.html (the Settings - SMS Alerts page). If exploited, an authenticated attacker could steal victims' cookie, session tokens or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes. 2. Proof of Concept See: https://serverscheck.com/monitoring-software/release.asp <https://serverscheck.com/monitoring-software/release.asp> 3. Solution: Update to version 14.2.3 http://downloads.serverscheck.com/monitoring_software/setup.exe


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top