CVE-2012-4923 (GCVE-0-2012-4923)

Vulnerability from cvelistv5 – Published: 2012-09-15 17:00 – Updated: 2024-08-06 20:50

Summary

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/bid/52076	vdb-entryx_refsource_BID
	http://www.vulnerability-lab.com/get_content.php?id=436	x_refsource_MISC
	http://packetstormsecurity.org/files/109942/Endia…	x_refsource_MISC

Date Public ?

2012-02-18 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:50:17.993Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "endianfirewall-multiple-xss(73330)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
          },
          {
            "name": "52076",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52076"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-28T12:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "endianfirewall-multiple-xss(73330)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
        },
        {
          "name": "52076",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52076"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-4923",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "endianfirewall-multiple-xss(73330)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
            },
            {
              "name": "52076",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52076"
            },
            {
              "name": "http://www.vulnerability-lab.com/get_content.php?id=436",
              "refsource": "MISC",
              "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
            },
            {
              "name": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-4923",
    "datePublished": "2012-09-15T17:00:00.000Z",
    "dateReserved": "2012-09-15T00:00:00.000Z",
    "dateUpdated": "2024-08-06T20:50:17.993Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2012-4923",
      "date": "2026-04-24",
      "epss": "0.03192",
      "percentile": "0.87018"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CF83520-62B0-4B76-9B08-CC127C278E4D\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.\"}, {\"lang\": \"es\", \"value\": \"M\\u00faltiples vulnerabilidades de ejecuci\\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Endian Firewall 2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\\u00e9s del par\\u00e1metro (1) createrule sobre dnat.cgi, (2) addrule sobre  dansguardian.cgi, o (3) PATH_INFO sobre  openvpn_users.cgi.\\r\\n\"}]",
      "id": "CVE-2012-4923",
      "lastModified": "2024-11-21T01:43:45.560",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2012-09-15T17:55:07.223",
      "references": "[{\"url\": \"http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/52076\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vulnerability-lab.com/get_content.php?id=436\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/73330\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.securityfocus.com/bid/52076\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://www.vulnerability-lab.com/get_content.php?id=436\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/73330\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2012-4923\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2012-09-15T17:55:07.223\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.\"},{\"lang\":\"es\",\"value\":\"M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Endian Firewall 2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro (1) createrule sobre dnat.cgi, (2) addrule sobre  dansguardian.cgi, o (3) PATH_INFO sobre  openvpn_users.cgi.\\r\\n\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CF83520-62B0-4B76-9B08-CC127C278E4D\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/52076\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vulnerability-lab.com/get_content.php?id=436\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/73330\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.securityfocus.com/bid/52076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://www.vulnerability-lab.com/get_content.php?id=436\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/73330\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

VAR-201209-0471

Vulnerability from variot - Updated: 2023-12-18 13:49

Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi. (1) dnat.cgi of createrule Parameters (2) dansguardian.cgi of addrule Parameters (3) openvpn_users.cgi of PATH_INFO. Endian Firewall is an open source firewall device. Exploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible. It is being developed by the Italian Endian Srl and the community. Endian is originally based on IPCop, which itself was a fork of Smoothwall.

(Copy of the Vendor Website: http://en.wikipedia.org/wiki/Endian_Firewall )

Einfach, schnell und zukunftssicher! Die ideale Lösung, um Ihre Filialen und industriellen Zweigstellen rund um den Globus zu schützen. Endian 4i ist die ideale Lösung für Büroaußenstellen oder Industrieinstallationen. Die Firewall ist in den zwei Varianten „Office“ und „Industrial“ erhältlich. Die Office-Version bietet alle Funktionen, um Netzwerke in der Firma und in Verbindung mit Außenstellen einfach und sicher zu verlinken. Derselbe Funktionsumfang ist bei der Industrial-Version vorhanden, die sich speziell an den Industriebereich richtet und 24V Support bietet sowie auf der Hutschiene installiert werden kann. Remote-Supporting, Remote-Konfiguration, Systemüberwachung bis hin zur einfachen, sicheren Vernetzung von Außenstellen – die Kostenvorteile dabei liegen auf der Hand. Sichern auch Sie sich die Konnektivität Ihres Unternehmens ab, und behalten Sie mit der Endian 4i stets die Nase vorn.

(Copy of the Vendor Homepage: http://www.endian.com/de/products/utm-hardware/4i/)

Abstract:

The Vulnerability Lab Team discovered mutliple non persistent Cross Site Scripting Vulnerabilities on Endians UTM Firewall v2.4.x Application.

Report-Timeline:

2011-02-02: Vendor Notification 2012-02-18: Public or Non-Public Disclosure

Status:

Published

Affected Products:

Endian Product: UTM Firewall Appliance Application v2.4.x

Exploitation-Technique:

Remote

Severity:

Medium

Details:

Multiple non persistent cross site scripting vulnerabilities are detected on Endian Firewall v2.4.x UTM Appliance Application. The vulnerability allows remote attackers to hijack website customer, moderator or admin sessions with high required user inter action or local low privileged user account. Successful exploitation can result in account steal, phishing & client-side content request manipulation.

Vulnerable Module(s): [+] openvpn_users.cgi [+] dnat.cgi#createrule [+] dansguardian.cgi#addrule

Picture(s): ../1.png ../2.png ../3.png

Proof of Concept:

The vulnerabilities can be exploited by local low privileged user accounts or remote attackers with high required user inter action. For demonstration or reproduce ...

1 https://demo.endian.com/cgi-bin/dnat.cgi#createrule

[XSS]

2 https://demo.endian.com/cgi-bin/dansguardian.cgi#addrule[XSS]

3 https://demo.endian.com/cgi-bin/openvpn_users.cgi

?=[XSS]

Risk:

The security risk of the cross site scripting vulnerabilities are estimated as medium(-).

Credits:

Vulnerability Research Laboratory

Disclaimer:

The information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, either expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability- Lab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability- Lab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by Vulnerability-Lab or its suppliers.

                        Copyright © 2012|Vulnerability-Lab

-- Website: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com Contact: admin@vulnerability-lab.com or support@vulnerability-lab.com

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201209-0471",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "firewall",
        "scope": "eq",
        "trust": 3.3,
        "vendor": "endian",
        "version": "2.4"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability Research Laboratory",
    "sources": [
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2012-4923",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 4.3,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2012-4923",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 8.6,
            "id": "VHN-58204",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2012-4923",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201202-373",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-58204",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi. (1) dnat.cgi of createrule Parameters (2) dansguardian.cgi of addrule Parameters (3) openvpn_users.cgi of PATH_INFO. Endian Firewall is an open source firewall device. \nExploiting these issues could allow an attacker to execute arbitrary script on the affected server and steal cookie-based authentication credentials. Other attacks are also possible. It is being developed by the Italian Endian Srl and the community. Endian is originally \nbased on IPCop, which itself was a fork of Smoothwall. \n\n(Copy of the Vendor Website: http://en.wikipedia.org/wiki/Endian_Firewall )\n\nEinfach, schnell und zukunftssicher! Die ideale L\u00f6sung, um Ihre Filialen und industriellen Zweigstellen rund um den Globus zu sch\u00fctzen. \nEndian 4i ist die ideale L\u00f6sung f\u00fcr B\u00fcroau\u00dfenstellen oder Industrieinstallationen. Die Firewall ist in den zwei Varianten \u201eOffice\u201c und \n\u201eIndustrial\u201c erh\u00e4ltlich. Die Office-Version bietet alle Funktionen, um Netzwerke in der Firma und in Verbindung mit Au\u00dfenstellen einfach \nund sicher zu verlinken. Derselbe Funktionsumfang ist bei der Industrial-Version vorhanden, die sich speziell an den Industriebereich \nrichtet und 24V Support bietet sowie auf der Hutschiene installiert werden kann. Remote-Supporting, Remote-Konfiguration, System\u00fcberwachung \nbis hin zur einfachen, sicheren Vernetzung von Au\u00dfenstellen \u2013 die Kostenvorteile dabei liegen auf der Hand. Sichern auch Sie sich die \nKonnektivit\u00e4t Ihres Unternehmens ab, und behalten Sie mit der Endian 4i stets die Nase vorn. \n\n(Copy of the Vendor Homepage: http://www.endian.com/de/products/utm-hardware/4i/)\n\n\nAbstract:\n=========\nThe Vulnerability Lab Team discovered mutliple non persistent Cross Site Scripting Vulnerabilities on Endians UTM Firewall v2.4.x Application. \n\n\nReport-Timeline:\n================\n2011-02-02:\tVendor Notification\n2012-02-18:\tPublic or Non-Public Disclosure\n\n\nStatus:\n========\nPublished\n\n\nAffected Products:\n==================\nEndian\nProduct: UTM Firewall Appliance Application v2.4.x\n\n\nExploitation-Technique:\n=======================\nRemote\n\n\nSeverity:\n=========\nMedium\n\n\nDetails:\n========\nMultiple non persistent cross site scripting vulnerabilities are detected on Endian Firewall v2.4.x UTM Appliance Application. \nThe vulnerability allows remote attackers to hijack website customer, moderator or admin sessions with high required \nuser inter action or local low privileged user account. Successful exploitation can result in account steal, phishing \n\u0026 client-side content request manipulation. \n\nVulnerable Module(s):\n                                                                [+] openvpn_users.cgi\n                                                                [+] dnat.cgi#createrule\n                                                                [+] dansguardian.cgi#addrule\n\nPicture(s):\n                                                                ../1.png\n                                                                ../2.png\n                                                                ../3.png\n\n\nProof of Concept:\n=================\nThe vulnerabilities can be exploited by local low privileged user accounts or remote attackers with high required user inter action. \nFor demonstration or reproduce ... \n\n\n#1 https://demo.endian.com/cgi-bin/dnat.cgi#createrule\n[XSS]\n\n#2 https://demo.endian.com/cgi-bin/dansguardian.cgi#addrule[XSS]\n\n\n#3 https://demo.endian.com/cgi-bin/openvpn_users.cgi\n?=[XSS]\n\n\n\nRisk:\n=====\nThe security risk of the cross site scripting vulnerabilities are estimated as medium(-). \n\n\nCredits:\n========\nVulnerability Research Laboratory\n\n\nDisclaimer:\n===========\nThe information provided in this advisory is provided as it is without any warranty. Vulnerability-Lab disclaims all warranties, \neither expressed or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-\nLab or its suppliers are not liable in any case of damage, including direct, indirect, incidental, consequential loss of business \nprofits or special damages, even if Vulnerability-Lab or its suppliers have been advised of the possibility of such damages. Some \nstates do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation \nmay not apply. Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability-\nLab. Permission to electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of \nother media, are reserved by Vulnerability-Lab or its suppliers. \n\n    \t\t\t\t\t\tCopyright \u00a9 2012|Vulnerability-Lab\n\n\n-- \nWebsite: www.vulnerability-lab.com ; vuln-lab.com or vuln-db.com\nContact: admin@vulnerability-lab.com or support@vulnerability-lab.com\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "PACKETSTORM",
        "id": "109942"
      }
    ],
    "trust": 2.61
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-58204",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2012-4923",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "52076",
        "trust": 2.0
      },
      {
        "db": "PACKETSTORM",
        "id": "109942",
        "trust": 1.8
      },
      {
        "db": "XF",
        "id": "73330",
        "trust": 1.2
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373",
        "trust": 0.7
      },
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804",
        "trust": 0.6
      },
      {
        "db": "NSFOCUS",
        "id": "20918",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "36831",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "36833",
        "trust": 0.1
      },
      {
        "db": "EXPLOIT-DB",
        "id": "36832",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "PACKETSTORM",
        "id": "109942"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "id": "VAR-201209-0471",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      }
    ],
    "trust": 0.06999999999999999
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:49:08.551000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Endian Firewall Community",
        "trust": 0.8,
        "url": "http://www.endian.com/en/community/"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-79",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/52076"
      },
      {
        "trust": 1.7,
        "url": "http://packetstormsecurity.org/files/109942/endian-utm-firewall-2.4.x-cross-site-scripting.html"
      },
      {
        "trust": 1.2,
        "url": "http://xforce.iss.net/xforce/xfdb/73330"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-4923"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-4923"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/20918"
      },
      {
        "trust": 0.3,
        "url": "http://www.endian.com/en/products/firewall/appliances/"
      },
      {
        "trust": 0.1,
        "url": "https://demo.endian.com/cgi-bin/openvpn_users.cgi"
      },
      {
        "trust": 0.1,
        "url": "https://demo.endian.com/cgi-bin/dansguardian.cgi#addrule[xss]"
      },
      {
        "trust": 0.1,
        "url": "http://www.endian.com/de/products/utm-hardware/4i/)"
      },
      {
        "trust": 0.1,
        "url": "http://en.wikipedia.org/wiki/endian_firewall"
      },
      {
        "trust": 0.1,
        "url": "https://demo.endian.com/cgi-bin/dnat.cgi#createrule"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "PACKETSTORM",
        "id": "109942"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "db": "BID",
        "id": "52076"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "db": "PACKETSTORM",
        "id": "109942"
      },
      {
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-10-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "date": "2012-09-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "date": "2012-02-18T00:00:00",
        "db": "BID",
        "id": "52076"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "date": "2012-02-18T16:27:09",
        "db": "PACKETSTORM",
        "id": "109942"
      },
      {
        "date": "2012-09-15T17:55:07.223000",
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "date": "1900-01-01T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2012-10-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2012-5804"
      },
      {
        "date": "2017-08-29T00:00:00",
        "db": "VULHUB",
        "id": "VHN-58204"
      },
      {
        "date": "2015-03-19T07:35:00",
        "db": "BID",
        "id": "52076"
      },
      {
        "date": "2012-09-19T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      },
      {
        "date": "2017-08-29T01:32:25.417000",
        "db": "NVD",
        "id": "CVE-2012-4923"
      },
      {
        "date": "2012-02-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Endian Firewall Vulnerable to cross-site scripting",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2012-004428"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "xss",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "109942"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201202-373"
      }
    ],
    "trust": 0.7
  }
}

GHSA-H52G-Q5HF-3234

Vulnerability from github – Published: 2022-05-17 01:41 – Updated: 2022-05-17 01:41

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2012-4923"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2012-09-15T17:55:00Z",
    "severity": "MODERATE"
  },
  "details": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.",
  "id": "GHSA-h52g-q5hf-3234",
  "modified": "2022-05-17T01:41:01Z",
  "published": "2022-05-17T01:41:01Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-4923"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
    },
    {
      "type": "WEB",
      "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/52076"
    },
    {
      "type": "WEB",
      "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2012-4923

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2012-4923

Aliases

CVE-2012-4923

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-4923",
    "description": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.",
    "id": "GSD-2012-4923"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-4923"
      ],
      "details": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi.",
      "id": "GSD-2012-4923",
      "modified": "2023-12-13T01:20:15.408093Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2012-4923",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "endianfirewall-multiple-xss(73330)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
          },
          {
            "name": "52076",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/52076"
          },
          {
            "name": "http://www.vulnerability-lab.com/get_content.php?id=436",
            "refsource": "MISC",
            "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
          },
          {
            "name": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html",
            "refsource": "MISC",
            "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-4923"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "52076",
              "refsource": "BID",
              "tags": [
                "Exploit"
              ],
              "url": "http://www.securityfocus.com/bid/52076"
            },
            {
              "name": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html",
              "refsource": "MISC",
              "tags": [
                "Exploit"
              ],
              "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
            },
            {
              "name": "http://www.vulnerability-lab.com/get_content.php?id=436",
              "refsource": "MISC",
              "tags": [],
              "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
            },
            {
              "name": "endianfirewall-multiple-xss(73330)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        }
      },
      "lastModifiedDate": "2017-08-29T01:32Z",
      "publishedDate": "2012-09-15T17:55Z"
    }
  }
}

FKIE_CVE-2012-4923

Vulnerability from fkie_nvd - Published: 2012-09-15 17:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html	Exploit
cve@mitre.org	http://www.securityfocus.com/bid/52076	Exploit
cve@mitre.org	http://www.vulnerability-lab.com/get_content.php?id=436
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/73330
af854a3a-2127-422b-91ae-364da2661108	http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/52076	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.vulnerability-lab.com/get_content.php?id=436
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/73330

Impacted products

	Vendor	Product	Version
	endian	firewall	2.4

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:endian:firewall:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9CF83520-62B0-4B76-9B08-CC127C278E4D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple cross-site scripting (XSS) vulnerabilities in Endian Firewall 2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) createrule parameter to dnat.cgi, (2) addrule parameter to dansguardian.cgi, or (3) PATH_INFO to openvpn_users.cgi."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en Endian Firewall 2.4 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro (1) createrule sobre dnat.cgi, (2) addrule sobre  dansguardian.cgi, o (3) PATH_INFO sobre  openvpn_users.cgi.\r\n"
    }
  ],
  "id": "CVE-2012-4923",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2012-09-15T17:55:07.223",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/52076"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://packetstormsecurity.org/files/109942/Endian-UTM-Firewall-2.4.x-Cross-Site-Scripting.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/52076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vulnerability-lab.com/get_content.php?id=436"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/73330"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2012-4923 (GCVE-0-2012-4923)

VAR-201209-0471

Abstract:

Report-Timeline:

Status:

Affected Products:

Exploitation-Technique:

Severity:

Details:

Proof of Concept:

1 https://demo.endian.com/cgi-bin/dnat.cgi#createrule

2 https://demo.endian.com/cgi-bin/dansguardian.cgi#addrule[XSS]

3 https://demo.endian.com/cgi-bin/openvpn_users.cgi

Risk:

Credits:

Disclaimer:

GHSA-H52G-Q5HF-3234

GSD-2012-4923

FKIE_CVE-2012-4923

Tags

Sightings

Nomenclature