Explore Vulnerabilities

Explore all Exploits:

GestioIP 3.5.7 – Stored Cross-Site Scripting Vulnerability

The 'http://localhost/gestioip/res/ip_mod_dns_key_form.cgi' feature in GestioIP 3.5.7 is susceptible to stored XSS. An authenticated attacker can inject malicious code into the 'tsig_key' form field; once the value is saved to the database, the code executes when any user accesses the 'DNS Key' page.

GestioIP 3.5.7 – Authenticated Cross-Site Scripting (XSS) Vulnerability

GestioIP 3.5.7 is prone to an authenticated cross-site scripting vulnerability in the 'ip_do_job' feature. This could allow attackers to perform data exfiltration and cross-site request forgery (CSRF) attacks. The vulnerability can be exploited by injecting malicious scripts into parameters like 'host_id' and 'stored_config'.

GestioIP 3.5.7 – Reflected Cross-Site Scripting (Reflected XSS)

The ip_import_acl_csv request in GestioIP 3.5.7 allows reflected cross-site scripting (XSS): uploaded file content is reflected in the HTML response without proper sanitization. If the uploaded file has an incorrect format that causes an error during processing, parts of the file's content may be displayed in the browser. If this content contains HTML or scripts and is not escaped correctly, browsers may interpret it, potentially leading to data exfiltration and enabling cross-site request forgery (CSRF) attacks. Proper input validation and output encoding are crucial to mitigate this vulnerability.

Recent Exploits: