sábado, 8 de diciembre de 2018

[American Power Conversion] Rack PDU; Múltiples inyecciones.


[*] Vuln;       "Multiple injections"
[*] Vendor: "American Power Conversion"
[*] Producto: "Network Management Card AOS/ Rack PDU APP"
[*] Version: "v3.5.x"



(AP7900)





# Credentials
--------------
USER: device
PASS: apc



Access via telnet:





vuln 1: Inyección HTML via Cross Protocol injection 

STEAPS
1) Login

2) SNMP_SET

oid: iso.3.6.1.4.1.318.1.1.12.3.4.1.1.2.8


2.1) poc; check vuln !



3) HTML injection via SNMP (Cross Protocol Injection )






----------------------------------------------------------------------------------------------------


vuln 2: Input "Name" vuln to : "HTML injection"












----------------------------------------------------------------------------------------------------

vuln 3: Input 'External Link' vuln to Cross Site Scripting. (Persistent)

POC 1








POC 2.




# REMOTE JS










Saludos,
@Capitan_alfa

No hay comentarios.:

Publicar un comentario