Wednesday, January 22, 2020

[VDH] VDH VDH mainboard version 1.02 Alfanet IP module version V1.07 Release 1.08 Stored Cross-Site Scripting

VDH Products has been a one of the world’s leading manufacturers for more than 40 years of accurate control systems in all situations where temperature, pressure and relative humidity are critical parameters.

The following picture shows the version of the device

To access this device I've used the default credentials admin:admin

Then I've noticed that if every field of the "Configuratie" page is vulnerable to XSS, I've tested putting a payload on the Mail Subject field:

When I clicked on the submit button, I was redirected to the same page

But this time, (after the redirection), the payload entered before was executed as the following picture shows: