> Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15
devices allow /cgi-bin/cgiServer.exx?page= XSS.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Cross Site Scripting (XSS)
>
> ------------------------------------------
>
> [Vendor of Product]
> Intelbras
>
> ------------------------------------------
>
> [Affected Product Code Base]
> TIP300 - 65.61.75.15
> TIP200/200LITE - 60.61.75.15
>
> ------------------------------------------
>
> [Affected Component]
> CGI file parameter
> EX: /cgi-bin/cgiServer.exx?page= XSS
>
> ------------------------------------------
>
> [Attack Type]
> Local
>
> ------------------------------------------
>
> [Impact Code execution]
> true
>
> ------------------------------------------
>
> [Impact Escalation of Privileges]
> true
>
> ------------------------------------------
>
> [Attack Vectors]
> http://host/cgi-bin/cgiServer.exx?page=<script>alert('SkullSec')</script>
>
> ------------------------------------------
>
> [Discoverer]
> Lucas Souza
>
> ------------------------------------------Sign up to discover human stories that deepen your understanding of the world.
Free
Distraction-free reading. No ads.
Organize your knowledge with lists and highlights.
Tell your story. Find your audience.
Membership
Read member-only stories
Support writers you read most
Earn money for your writing
Listen to audio narrations
Read offline with the Medium app
