Proof of Concept: ================= 1.1 The exception handling and filter bypass vulnerability can be exploited by remote attackers and local low privileged user account. For demonstration or reproduce ... Module: IPAddressMask - ext-mb-text, ext-gen4185 & ext-gen7196 INJECT: https://127.0.0.1:1338/admin/FEAdmin.html#SysInterfaceCollection
[PERSISTENT INJECTED SCRIPT CODE AS CERTIFICATE NAME!] |
/[PERSISTENT INJECTED SCRIPT CODE AS CERTIFICATE VIA INFORMATION!] |
OK |
[PERSISTENT INJECTED SCRIPT CODE AS CERTIFICATE NAME!] |
[PERSISTENT INJECTED SCRIPT CODE AS CERTIFICATE VIA INFORMATION!] | Default |