Release date:
Updated on:
Affected Systems:
Endian UTM Firewall Appliance Application v2.4.x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 52076
Endian Firewall is an open-source GNU/Linux distribution for routing, firewalling and Unified Threat Management.
Multiple XSS vulnerabilities exist in the Endian Firewall v2.4.x UTM Appliance Application. These vulnerabilities allow attackers to hijack the sessions of site users or managers, steal accounts, and manipulate client-side content requests.
Source: Vulnerability Research Laboratory
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive in nature and are intended only for security research and teaching. Use them at your own risk!
#1 https://demo.endian.com/cgi-bin/dnat.cgi#createrule
[XSS]
#2 https://demo.endian.com/cgi-bin/dansguardian.cgi?addrule=[XSS]
#3 https://demo.endian.com/cgi-bin/openvpn_users.cgi
? = [XSS]
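As an added example for defenders, not part of the original advisory, the following script scans web-server access log lines of the appliance for requests that reach the three CGI endpoints named above and carry script-like content in a query parameter. The log lines, the combined-log format and the marker patterns are assumptions constructed here for illustration; the #1 case uses a URL fragment, which browsers never send to the server, so it cannot be seen in server logs at all.

```python
import re
from urllib.parse import unquote, urlsplit, parse_qsl

# CGI endpoints listed in the advisory (Endian UTM 2.4.x web UI)
WATCHED_CGI = (
    "/cgi-bin/dnat.cgi",
    "/cgi-bin/dansguardian.cgi",
    "/cgi-bin/openvpn_users.cgi",
)

# Illustrative reflected-XSS markers; not an exhaustive set (assumption)
XSS_MARKERS = re.compile(
    r"<\s*/?\s*(script|img|svg|iframe|body)|on\w+\s*=|javascript:", re.I
)

# Apache/nginx "combined" style line: ip - - [ts] "METHOD target HTTP/x" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def inspect_request(target):
    """Return (path, [suspicious parameter names]) if the target hits a watched CGI, else None."""
    parts = urlsplit(target)
    if parts.path not in WATCHED_CGI:
        return None
    hits = []
    # parse_qsl decodes once; decode again to catch double-encoded payloads (%253C ...)
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if XSS_MARKERS.search(unquote(value)):
            hits.append(name or "<unnamed>")   # "?=[XSS]" style has an empty name
    return parts.path, hits


def scan_log(lines):
    """Yield (client ip, cgi path, parameter names) for every suspicious request."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        res = inspect_request(m.group("target"))
        if res and res[1]:
            alerts.append((m.group("ip"), res[0], res[1]))
    return alerts


# Constructed sample log lines (not real traffic)
SAMPLE_LOG = [
    '10.0.0.5 - - [17/Feb/2012:10:00:00 +0000] "GET /cgi-bin/dansguardian.cgi?addrule=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 512',
    '10.0.0.5 - - [17/Feb/2012:10:00:01 +0000] "GET /cgi-bin/openvpn_users.cgi?=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 512',
    '10.0.0.9 - - [17/Feb/2012:10:00:02 +0000] "GET /cgi-bin/dnat.cgi HTTP/1.1" 200 1024',
    '10.0.0.9 - - [17/Feb/2012:10:00:03 +0000] "GET /cgi-bin/index.cgi?q=%3Cscript%3E HTTP/1.1" 200 10',
]

if __name__ == "__main__":
    for ip, path, params in scan_log(SAMPLE_LOG):
        print(f"{ip} -> {path} suspicious params: {params}")
```

Only GET query strings are visible in access logs; parameters submitted in POST bodies need request-body logging or a reverse proxy in front of the appliance to be inspected the same way.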
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Endian
------
Currently, the vendor does not provide a patch or upgrade. We recommend that users of this software follow the vendor's homepage to obtain the latest version:
Http://www.endian.com