Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-24654 PoC — IIntelbras ATA 200 跨站脚本漏洞

Source
https://github.com/leonardobg/CVE-2022-24654
Associated Vulnerability
Title:IIntelbras ATA 200 跨站脚本漏洞 (CVE-2022-24654)
Description:Authenticated stored cross-site scripting (XSS) vulnerability in "Field Server Address" field in INTELBRAS ATA 200 Firmware 74.19.10.21 allows attackers to inject JavaScript code through a crafted payload.
Description
PoC for CVE-2022-24654
Readme
# CVE-2022-24654

PoC of CVE-2022-24654 - INTELBRAS ATA 200 Firmware 74.19.10.21

## Authenticated stored Cross Site Scripting


## Steps to Reproduce:

1. Log in the equipment via your web browser
2. Go to Management > Syslog
3. In the "Field Server Address" inject the payload "-prompt("XSS")-"
4. Click Save
5. Exploit!
File Snapshot

 [4.0K]  /data/pocs/37fd01c5bcda01e271c00654f15c1a0f21d1afc8
└── [ 323]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →