header-logo
Suggest Exploit
vendor:
VLC
by:
Andrea Sindoni
7,1
CVSS
HIGH
XSS
79
CWE
Product Name: VLC
Affected Version From: VLC 2.2.1
Affected Version To: VLC 2.2.1
Patch Exists: Yes
Related CWE: CVE-2015-5261
CPE: a:videolan:vlc:2.2.1
Metasploit: https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/suse-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/ubuntu-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2015-5261/https://www.rapid7.com/db/vulnerabilities/alpine-linux-cve-2015-5261/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2015-5261/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/debian-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/oracle_linux-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/redhat_linux-cve-2016-2150/https://www.rapid7.com/db/vulnerabilities/suse-cve-2015-5261/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1890/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1889/https://www.rapid7.com/db/vulnerabilities/ubuntu-USN-2766-1/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows
2015

XSS vulnerability via metadata

XSS vulnerability via metadata title. Launch: vlc.exe --http-host=127.0.0.1 --http-port=8080 --http-password=andrea. Open Browser and go to localhost:8080 (for more info see https://wiki.videolan.org/Documentation:Modules/http_intf/). Then left username blank and password andrea. Select poc.mp3 (attached) file. See Attached image.

Mitigation:

The vulnerability can be mitigated by disabling the HTTP interface in VLC.
Source

Exploit-DB raw data:

##################################
# Andrea Sindoni - @invictus1306 #
##################################

XSS vulnerability via metadata

1. Introduction

Affected Product:    VLC 2.2.1 / WEB INTERFACE
Vulnerability Type:  XSS

2. Vulnerability Description

XSS vulnerability via metadata title 

3. Proof of Concept

3.1 Launch: vlc.exe --http-host=127.0.0.1 --http-port=8080 --http-password=andrea
3.2 Open Browser and go to localhost:8080 (for more info see https://wiki.videolan.org/Documentation:Modules/http_intf/)
3.3 Then left username blank and password andrea
3.4 Select poc.mp3 (attached) file
3.5 See Attached image

Proof of Concept:
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/38706.zip

Navigation

Suggest Exploit

Services By CQR