BID:52881

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

Info

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

Bugtraq ID:	52881
Class:	Input Validation Error
CVE:	CVE-2012-4685
Remote:	Yes
Local:	No
Published:	Apr 03 2012 12:00AM
Updated:	Mar 19 2015 09:45AM
Credit:	b.saleh
Vulnerable:	Arbor Networks Peakflow SP 3.6.1 Arbor Networks Peakflow SP 0

Not Vulnerable:	Arbor Networks Peakflow SP 5.1.1 patch 5 Arbor Networks Peakflow SP 5.6 Arbor Networks Peakflow SP 5.5 patch5

Discussion

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

Peakflow SP is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input.

An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Exploit / POC

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

An attacker can exploit the issue by enticing an unsuspecting user to visit a specially crafted URL.

The following example URI is available:

https://www.example.com/index/"onmouseover="alert(666)

Solution / Fix

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.

References

Arbor Networks Peakflow SP 'index/' Cross Site Scripting Vulnerability

References:

Peakflow SP Homepage (Arbor Networks)
Arbor Networks Peakflow SP web interface XSS (b.saleh)
Re: Arbor Networks Peakflow SP web interface XSS (Jose Nazario )
Re: Arbor Networks Peakflow SP web interface XSS (Jose Nazario )