Overview
Multiple models of Chiyu Technology fingerprint access control devices contain a cross-site scripting (XSS) vulnerability and an authentication bypass vulnerability.
Description
CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) - CVE-2015-2870 According to the reporter, <script> tags are not filtered out of a URL passed to the device, allowing an attacker to perform a reflected XSS attack. |
Impact
An unauthenticated remote attacker may be able to view or modify device configuration, or obtain user credentials. |
Solution
The CERT/CC is currently unaware of a practical solution to this problem. |
Vendor Information
CVSS Metrics
Group | Score | Vector |
---|---|---|
Base | 7.5 | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Temporal | 6.4 | E:POC/RL:U/RC:UR |
Environmental | 4.8 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND |
References
Acknowledgements
Thanks to Maxim Rupp for reporting this vulnerability to us.
This document was written by Garret Wassermann.
Other Information
CVE IDs: | CVE-2015-2870, CVE-2015-2871 |
Date Public: | 2015-07-31 |
Date First Published: | 2015-07-31 |
Date Last Updated: | 2015-07-31 18:20 UTC |
Document Revision: | 29 |