Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-5142 PoC — SonicWall SonicOS SSLVPN NACagent 跨站脚本漏洞

Source
https://github.com/hackerlawyer/CVE-2020-5142-POC-MB
Associated Vulnerability
Title:SonicWall SonicOS SSLVPN NACagent 跨站脚本漏洞 (CVE-2020-5142)
Description:A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remote unauthenticated attacker is able to store and potentially execute arbitrary JavaScript code in the firewall SSLVPN portal. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0.
Description
Reflected XSS found by Burp Suite in several locations on SonicOS 7.0 Sonicwall NSA device.
Readme
# CVE-2020-5142-POC-MB
Reflected XSS found by Burp Suite in several locations on SonicOS 7.0 Sonicwall NSA device.
File Snapshot

 [4.0K]  /data/pocs/867fef1eb3b7465d007ed33738597f1be974440c
├── [ 545]  CVE20205142MB.txt
└── [ 115]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →