Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22943
HistoryDec 15, 2009 - 12:00 a.m.

APC Switched Rack PDU XSS Vulnerability

2009-12-1500:00:00
vulners.com
13
JSON

###########################################

#APC Switched Rack PDU XSS Vulnerability#
#By Jamal Pecou #
#jpecou (at) gmail (dot) c0m. #

###############Product Info#################

            #Product Info(Tested Versions)#

Model = AP7932
Harware Revision = B2

            #Application Module#

Name = rpdu
Version = v3.3.3(Tested First)
Version = 3.7.0(Current)

            #APC OS (AOS)

Name = aos
Version = v3.3.4

###############Vulnerability################

XSS Vulnerability:

The APC Switch RACK PDU web administration login page is prone to a cross-site scripting vulnerability because the application fails to sufficiently sanitize user-supplied input.

The script "login1" located in the Forms directory fails to properly sanitize user input data in the login_username field

####################PoC#####################

Proof-of-Concept

http://<PDU IP>/Forms/login1?login_username=<ScRiPt>alert('hello');</ScRiPt>

################Additional#################

Jun 17th 2009 - Vulnerability Discovered

Jun 18th 2009 - Contacted Vendor

Jun 21st 2009 - APC Creates a ticket and enters finding into bug tracking database.

Dec 14th 2009 - APC, no patches released.

###########################################

JSON