Vendor: Dreambox
By: Thiago 'THX' Sena
CVSS: 6.1 (MEDIUM)
CWE-79: Cross-site scripting (XSS)
Product Name: Dreambox
Affected Version From: 2.0.0
Affected Version To: 2.0.0
Patch Exists: YES
Related CVE: CVE-2017-15287
CPE: a:dreamboxupdate:dreambox:2.0.0
Metasploit: N/A
Other Scripts: N/A
Tags: dreambox,edb,cve,cve2017,xss
CVSS Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Nuclei Metadata: {'max-request': 1, 'framework': 'dreambox', 'vendor': 'bouqueteditor_project', 'product': 'bouqueteditor'}
Platforms Tested: Kali Linux, Windows 7, 8.1, 10
Year: 2017

Vulnerability XSS – Dreambox

The WebControl component of Dream Multimedia Dreambox devices is vulnerable to reflected cross-site scripting, as demonstrated by the "Name des Bouquets" field and by the file parameter of the /file URI.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in the application.
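As an added illustration of this mitigation (example code, not Dreambox's WebControl or BouquetEditor source; the row template, the function names and the bouquet name "Sport" are assumptions), the raw-reflection pattern the advisory describes sits beside an output-encoded version, with the advisory's own payload as the input:

```python
import html
import re

# Constructed sample input: the payload quoted in the advisory's PoC, as it would
# arrive in the "Name des Bouquets" field of a hypothetical bouquet-editor request.
PAYLOAD = "<script>alert(1)</script>"

# Hypothetical row template: the name lands in two HTML contexts, a text node and a
# double-quoted attribute value.
ROW_TEMPLATE = '<tr><td>{text}</td><td><input name="name" value="{attr}"></td></tr>'


def render_row_vulnerable(name: str) -> str:
    """Pattern the advisory describes: the submitted name is reflected verbatim."""
    return ROW_TEMPLATE.format(text=name, attr=name)


def render_row_hardened(name: str) -> str:
    """Output encoding for both contexts; html.escape(quote=True) encodes < > & " and '."""
    safe = html.escape(name, quote=True)
    return ROW_TEMPLATE.format(text=safe, attr=safe)


_CONTROL_CHARS = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f]")


def validate_bouquet_name(name: str, max_len: int = 64) -> bool:
    """Input validation as a second layer (length and control characters only).
    It deliberately does not reject '<': encoding at output is what prevents XSS,
    and a name such as 'Sport <HD>' is legitimate data."""
    return 0 < len(name) <= max_len and _CONTROL_CHARS.search(name) is None


def reflects_unencoded(untrusted: str, rendered: str) -> bool:
    """Regression check: does a name containing HTML metacharacters reach the
    rendered page unchanged?"""
    return any(c in untrusted for c in "<>\"&'") and untrusted in rendered


if __name__ == "__main__":
    for renderer in (render_row_vulnerable, render_row_hardened):
        page = renderer(PAYLOAD)
        print(renderer.__name__, "reflects raw payload:", reflects_unencoded(PAYLOAD, page))
```

Note that the payload passes validate_bouquet_name: validation limits what a field accepts, but only output encoding keeps a bouquet name from becoming markup.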

Exploit-DB raw data:

# Exploit Title: Vulnerability XSS - Dreambox
# Shodan Dork: Dreambox 200 
# Date: 12/10/2017
# Exploit Author: Thiago "THX" Sena
# Vendor Homepage: https://www.dreamboxupdate.com
# Version: 2.0.0
# Tested on: kali linux, windows 7, 8.1, 10
# CVE : CVE-2017-15287

Vulnerability: Cross-site scripting (XSS) in plugin BouquetEditor

---------------------------------------------------------------

PoC: 

- First you go to ( http://IP:PORT/bouqueteditor/ )

- Then you go to the Bouquets tab, add a new bouquet

- Then put the script (<script>alert(1)</script>)

- XSS Vulnerability