SynaMan 4.0 Build 1488 Cross Site Scripting

SynaMan version 4.0 build 1488 suffers from a cross site scripting vulnerability.

MD5 | f5e9563e7bcc9d6542dc91c669fbd822

# Exploit Author: bzyo
# CVE: CVE-2018-10763
# Twitter: @bzyo_
# Exploit Title: SynaMan 4.0 - Authenticated Cross Site Scripting (XSS)
# Date: 09-12-18
# Vulnerable Software: SynaMan 4.0 build 1488
# Vendor Homepage:
# Version: 4.0 build 1488
# Software Link:
# Tested On: Windows 7 x86

SynaMan 4.0 suffers from Authenticated Cross Site Scripting (XSS)

Admin access to Synaman web console

Proof of Concept
From Configuration > Advanced Configuration > Partial Branding
- Main heading
- Sub heading

If one were to apply the following XSS payload in either of the fields, alert pop-ups with xss would be present on navigation throughout the web app


While Chrome does block the XSS payload on apply, simply hitting the back button and selecting "Explore" the payload is stored

05-07-18: Vendor notified of vulnerabilities
05-08-18: Vendor responded and will fix
07-25-18: Vendor fixed in new release
09-12-18: Submitted public disclosure

Related Posts