CVE-2021-31682

Severity: MEDIUM · Nuclei template available

Automated Logic WebCTRL < 6.5 - Reflected Cross-Site Scripting via operatorlocale Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-31682. PoCs published by 3ndG4me. A Nuclei detection template is also available.

AI-analyzed exploit summary: The exploit describes a reflected XSS vulnerability in WebCTRL OEM 6.5 and below, where the 'operatorlocale' GET parameter is not sanitized, allowing arbitrary JavaScript execution. The PoC demonstrates this via a crafted URL with an embedded script tag.

Description

The login portal of the Automated Logic WebCTRL/WebCTRL OEM web application is vulnerable to reflected XSS because the operatorlocale GET parameter is not sanitized. This issue impacts versions 6.5 and below. It is triggered by passing a basic XSS payload to the vulnerable GET parameter, which is reflected in the response output without sanitization.

Exploits (1)

Exploit-DB writeup
by 3ndG4me · text · webapps · multiple
https://www.exploit-db.com/exploits/50463

Classification
Writeup: 100%
Attack Type: XSS
Complexity: Trivial
Reliability: Reliable
Target: Automated Logic WebCTRL OEM 6.5 and below
Authentication: No auth needed
Prerequisites: Access to the login portal URL
MITRE ATT&CK
Analyzed by devstral-2 on Feb 16, 2026

Nuclei Templates (1)

WebCTRL OEM <= 6.5 - Cross-Site Scripting
Severity: MEDIUM · by gy741, dhiyaneshDk
Shodan: html:"/_common/lvl5/dologin.jsp" || http.html:"/_common/lvl5/dologin.jsp"
FOFA: body="/_common/lvl5/dologin.jsp"

Scores

CVSS v3: 6.1
EPSS: 0.1051
EPSS Percentile: 95.2%
Attack Vector: NETWORK
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE: CWE-79
Status: published
Products (1): automatedlogic/webctrl < 6.5
Published: Oct 22, 2021
Tracked Since: Feb 18, 2026