OpenFiler 2.99.1 – Multiple Persistent Cross-Site Scripting Vulnerabilities

• Exploit Database
• 14 阅读

• 作者： Dolev Farhi
  日期： 2014-05-08
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/33248/

• # Exploit Title: Multiple persistent XSS in Openfiler
  
  # Exploit author: Dolev Farhi @f1nhack
  
  # Date 07/05/2014
  
  # Vendor homepage: http://www.openfiler.com
  
  # Affected Software version: 2.99.1
  
  # Alerted vendor: 7.5.14
  
  
  Software Description
  =====================
  Openfiler is a network storage operating system. With the features we built into Openfiler, you can take advantage of file-based Network Attached Storage and block-based 
  Storage Area Networking functionality in a single cohesive framework.
  
  
  
  Vulnerability Description
  =========================
  Multiple Persistent Cross Site Scripting 
  
  
  
  Steps to reproduce / PoC:
  =========================
  1.1. Login to Openfiler dashboard.
  
  1.2. Under system tab -> Network Access Configuration create a new NAC
  
  1.3. Name the NAC <script>alert(document.cookie);</script>
  
  1.4. Navigate to another tab.
  
  1.5. Navigate back to System tab
  
  1.6. the XSS reflects to the window.
  
  
  
  2.1. Create a new Volume Group.
  
  2.2. Create a new Logical Volume with any name you want.
  
  2.3. in the Description, enter </script>alert("XSS")</script>
  
  2.4. Click OK.
  
  2.5. Navigate to "Shares" tab -> XSS
  
  2.6. Navigate to "Snapshot Shares" -> XSS
  
  2.7. Navigate to "Existing shares" -> XSS
  
  2.8. Navigate to "Quota" -> XSS
  
  
  
  
  
  <-> PoC Video: https://www.youtube.com/watch?v=CLG5iS3qU-M&feature=youtu.be