CVE-2008-1180

Juniper Networks Secure Access 2000 5.5 R1 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-1180. PoCs published by Richard Brain.

AI-analyzed exploit summary This exploit demonstrates a reflected XSS vulnerability in Juniper Networks Secure Access 2000 by injecting malicious JavaScript via the 'delivery_mode' parameter in the URL. The PoC shows how arbitrary script code can be executed in the context of the affected site.

Description

Cross-site scripting (XSS) vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the delivery_mode parameter.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Richard Brain · textremotehardware

https://www.exploit-db.com/exploits/31311

View Code ZIP pw:eip

This exploit demonstrates a reflected XSS vulnerability in Juniper Networks Secure Access 2000 by injecting malicious JavaScript via the 'delivery_mode' parameter in the URL. The PoC shows how arbitrary script code can be executed in the context of the affected site.

Classification

Working Poc 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Juniper Networks Secure Access 2000 5.5R1 Build 11711

No auth needed

Prerequisites: Access to the target URL · User interaction to trigger the payload

MITRE ATT&CK