Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Samsung SCX-824 - XSS
[Suggested description]
Samsung printer model "SCX-824" web console is vulnerable to
a reflected Cross-Site-Scripting (XSS) vulnerability which can be
triggered by using "print from file" feature which forward the
user to the following URL:
"http://<PRINTER_IP>/sws/swsAlert.sws?popupid=successMsg&type=alert&bullet=suc&func=&Nfunc=closePopup("successMsg","","")&flag=&frame=&msg="/><script>alert('XSS');</script>
The vulnerable parameter "msg" is not properly encoded before interepred as HTML/JS.
------------------------------------------
[Vulnerability Type]
Cross Site Scriptiong - XSS
------------------------------------------
[Vendor of Product]
HP
------------------------------------------
[Affected Product Code Base]
Samsung printer model "SCX-824"
------------------------------------------
[Affected Component]
Samsung printer model "SCX-824" "print from file" feature
------------------------------------------
[Attack Type]
Remote
------------------------------------------
[Impact Denial of Service]
false
------------------------------------------
[Impact Escalation of Privileges]
true
------------------------------------------
[Impact Information Disclosure]
true
------------------------------------------
[CVE Impact Other]
Privilege escalation, user impersonation using stolen credentials/cookies.
------------------------------------------
[Discoverer]
Elazaar Mohamed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.