CVE-2021-31589

MEDIUM EXPLOITED NUCLEI

BeyondTrust Appliance Base Software < 6.0.1 - Unauthenticated Cross-Site Scripting

Title source: llm

Exploitation Summary

CVE-2021-31589 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including karthi-the-hacker. A Nuclei detection template is also available.

AI-analyzed exploit summary: This repository contains a Node.js-based scanner for detecting CVE-2021-31589, a reflected XSS vulnerability in the login page of certain appliances. The tool sends a crafted payload to the target URL and checks for the presence of the injected script in the response.

Description

A cross-site scripting (XSS) vulnerability has been reported and confirmed for BeyondTrust Secure Remote Access Base Software version 6.0.1 and older, which allows the injection of unauthenticated, specially-crafted web requests without proper sanitization.

Exploits (1)

nomisec SCANNER 1 stars
by karthi-the-hacker · client-side
https://github.com/karthi-the-hacker/CVE-2021-31589


Classification: Scanner (95%)
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Unknown appliance (likely a network or security appliance with a web interface)
No auth needed
Prerequisites: Network access to the target appliance's login page
devstral-2 · analyzed Feb 18, 2026

Nuclei Templates (1)

BeyondTrust Secure Remote Access Base <=6.0.1 - Cross-Site Scripting
MEDIUM · by Ahmed Abou-Ela, r3Y3r53
Shodan: set-cookie: nsbase_session

References (3)

Core References
Release Notes, Vendor Advisory x_refsource_misc
https://www.beyondtrust.com/docs/release-notes/index.htm
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://cxsecurity.com/issue/WLB-2022010013

Scores

CVSS v3: 6.1
EPSS: 0.2831
EPSS Percentile: 97.9%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

VulnCheck KEV: 2022-08-19
CWE: CWE-79
Status: published
Products (1): beyondtrust/appliance_base_software < 6.0.1
Published: Jan 05, 2022
Tracked Since: Feb 18, 2026