Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)

vendor:

NVR301-04S2-P4

by:

Bleron Rrustemi

7.5

CVSS

HIGH

Reflected Cross-Site Scripting (XSS)

CWE

Product Name: NVR301-04S2-P4

Affected Version From: NVR-B3801.20.15.200829

Affected Version To: NVR301-04S2-P4

Patch Exists: NO

Related CWE:

CPE: o:uniview:nvr301-04s2-p4

Metasploit:

Other Scripts:

Platforms Tested: Windows 10 Enterprise LTSC 64, Firefox 106.0.5 (64-bit)

2022

Uniview NVR301-04S2-P4 – Reflected Cross-Site Scripting (XSS)

The Uniview NVR301-04S2-P4 device is vulnerable to reflected cross-site scripting (XSS) attacks. An attacker can exploit this vulnerability by injecting malicious code into a crafted URL, which will be executed when accessed by a victim user.

Mitigation:

To mitigate this vulnerability, the vendor should release a security patch that properly sanitizes user input to prevent the execution of malicious code. Additionally, users are advised to avoid accessing untrusted URLs or clicking on suspicious links.

Source

Exploit-DB raw data:

# Exploit Title: Uniview NVR301-04S2-P4 - Reflected Cross-Site Scripting (XSS)
# Author: Bleron Rrustemi
# Discovery Date: 2022-11-15
# Vendor Homepage: https://www.uniview.com/tr/Products/NVR/Easy/NVR301-04S2-P4/
# Datasheet:: https://www.uniview.com/download.do?id=1761643
# Device Firmware: NVR-B3801.20.15.200829
# Tested Version: NVR301-04S2-P4
# Tested on: Windows 10 Enterprise LTSC 64\Firefox 106.0.5 (64-bit)
# Vulnerability Type: Reflected Cross-Site Scripting (XSS)
# CVE: N/A

 

 

# Proof of Concept:

IP=IP of the device

http://IP/LAPI/V1.0/System/Security/Login/"><script>alert('1')</script>

 

Best regards,

Bleron Rrustemi
Chief Technology Officer
Direct: +383 (0) 49 955 503
E-mail:  <mailto:bleron@drugeza.com> bleron@drugeza.com
  


 <http://> 

Drugëza SHPK
Rr. Lekë Dukagjini p.n
Prishtinë, 10000 • Kosovo
Tel.: +383 49 955 503
www.drugeza.com


 

ü Be GREEN, keep it on the SCREEN