CVE-2024-28142

MEDIUM

Scan2Net < 7.40 - Unauthenticated Stored Cross-Site Scripting via File Name Parameter

Title source: llm
STIX 2.1

Description

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "File Name" page (/cgi/uset.cgi?-cfilename) in the User Settings menu improperly filters the "file name" and wildcard character input field. By exploiting the wildcard character feature, attackers are able to store arbitrary Javascript code which is being triggered if the page is viewed afterwards, e.g. by higher privileged users such as admins. This attack can even be performed without being logged in because the affected functions are not fully protected. Without logging in, only the file name parameter of the "Default" User can be changed.

References (3)

Core 3
Core References
Various Sources third-party-advisory
https://r.sec-consult.com/imageaccess

Scores

CVSS v3 4.7
EPSS 0.0045
EPSS Percentile 36.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact partial

Details

CWE
CWE-79
Status published
Products (1)
Image Access GmbH/Scan2Net < 7.40
Published Dec 12, 2024
Tracked Since Feb 18, 2026