CVE-2011-0545
Symantec LiveUpdate Administrator < 2.3 - Cross-Site Request Forgery via adduser.do
Title source: llm
Exploitation Summary
EIP tracks 1 public exploit for CVE-2011-0545. PoCs published by Nikolas Sotiriu.
AI-analyzed exploit summary
This exploit demonstrates a CSRF vulnerability in Symantec LiveUpdate Administrator, allowing an attacker to inject HTML/JavaScript or add an admin user via a crafted payload. The script sets up a local server to serve malicious HTML when the victim accesses a specific URL.
Description
Cross-site request forgery (CSRF) vulnerability in adduser.do in Symantec LiveUpdate Administrator (LUA) before 2.3 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts, and possibly have unspecified other impact, via the userRole parameter.
Exploits (1)
This exploit demonstrates a CSRF vulnerability in Symantec LiveUpdate Administrator, allowing an attacker to inject HTML/JavaScript or add an admin user via a crafted payload. The script sets up a local server to serve malicious HTML when the victim accesses a specific URL.