关联漏洞
描述
Reflected XSS in AudioCodes MP-202b
介绍
# CVE-2024-48197
Reflected XSS in AudioCodes MP-202b
# [Description]
Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of
the web interface.
# [Additional Information]
N/A
# [Vulnerability Type]
Cross Site Scripting (XSS) Reflected
# [Vendor of Product]
> Audiocodes
# [Affected Product Code Base]
> MP-202b - 4.4.3
# [Affected Component]
> Login page of the web interface for the device
# [Attack Type]
> Remote
# [Impact Escalation of Privileges]
> true
# [Attack Vectors]
> A user must be coerced into logging into the application with a specially crafted URL supplied. The specially crafted URL can then be used to capture login details.
# [Discovered By]
Gareth C - AnchorSec
文件快照
[4.0K] /data/pocs/a45f552fdf52cd798fe8233e08580f864337ed2a
└── [ 778] README.md
0 directories, 1 file
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。