Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2024-48197 PoC — AudioCodes MP-202B 安全漏洞

Source
https://github.com/GCatt-AS/CVE-2024-48197
Associated Vulnerability
Title:AudioCodes MP-202B 安全漏洞 (CVE-2024-48197)
Description:Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of the web interface.
Description
Reflected XSS in AudioCodes MP-202b
Readme
# CVE-2024-48197
Reflected XSS in AudioCodes MP-202b
# [Description]
 Cross Site Scripting vulnerability in Audiocodes MP-202b v.4.4.3 allows a remote attacker to escalate privileges via the login page of 
 the web interface.

# [Additional Information]
 N/A

# [Vulnerability Type]
 Cross Site Scripting (XSS) Reflected

# [Vendor of Product]
> Audiocodes

# [Affected Product Code Base]
> MP-202b - 4.4.3 

# [Affected Component]
> Login page of the web interface for the device

# [Attack Type]
> Remote

# [Impact Escalation of Privileges]
> true

# [Attack Vectors]
> A user must be coerced into logging into the application with a specially crafted URL supplied. The specially crafted URL can then be used to capture login details.

# [Discovered By]
Gareth C - AnchorSec
File Snapshot

 [4.0K]  /data/pocs/a45f552fdf52cd798fe8233e08580f864337ed2a
└── [ 778]  README.md

0 directories, 1 file
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →