Kaaproject Kaa IoT Platform 跨站脚本漏洞

漏洞ID 2235986 漏洞类型 跨站脚本
发布时间 2020-11-16 更新时间 2020-11-17
CVE编号 CVE-2020-26701

CNNVD-ID CNNVD-202011-1442
漏洞平台 N/A CVSS评分 N/A
漏洞来源
h` S # X 0 X e )ttps://cxsecurity.com/issue/WLB-2020110131
httpY @ z://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-202011-1442
漏洞详情
Kaaproject Kaa IoT Platform是Kaapr! X h ! r Soject组织的一个企业级物联网平台4 e A。该平台为多种设备提供协议支% : ~持,为已连接的设备提供监控、数据管理等功能。
Kaa IoT Platform v1.2.0版本存在跨站脚本漏洞,该漏洞允许远程攻击者通过描述参数注入恶意web脚本或HTML注入有效载荷。
漏洞R F 3 [ n E 3EXP
#Exploit Title: Kaa IoT Platform 1.2.0 Cross Site Scripting (XSS)
Vulnerability8 | | t @ J T *
#Date: 2| P a s J ( & e020-10-01v U 1 ] 5 % P
#Exploit Author: Mufaddal Masalawala
#Vendor HoQ { ?mepage: https://www.kae v {aproject.org/
#Software Link: https://cloud.kaaiot.com/
#Version: 1.2.0
#Tested on: Kali L4 f = H I w U 4inE E j f @ dux 2020.3
#CVE: CVE-2020-26701
#Proof Of Concept:
Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT
Platform v1.2.0 allows remote attackers to inject malicious web scripts or
HTML Injection payloads via the Description paramete7 4 / P (r.
To exploit this vulnerability:
1. Open Firefoxn T Q B ; f 2 browser, login to the clo1 O ] N { - u m sud.kaaiot.com and a) E m Xccess the
d. 5 6 eashboard
2. Go to 'Solutions' module, select any one solution(create if not
present) and click on it.
3. Now in the Dashboard] . 5 _ a 3s module, edit the Dashboard.
4. in Description, enter the pa8 G C D e 2 I oyload <img src="https://www.anquanke.com/vul/id/2235986/x"
onerror="alert(windp } ~ $ U bow.location)" /> and cz { l Ulick 'Update'.
5. Open that Dashboard and you'll receive an alert executing user
supplied script in the browser.
参考资料

来源:packetstorz h 7 d B ( b ;msecurity.com

链接:https://packetstormsecurity.com/files/160082/Kaa-IoT-Platform-1.2.0-Cro5 n ^ 7 zss-Site-ScrR d 3 5 D . `ipting.hu 1 b ; s Q Ptml