关键信息 Title: Legrand BTicino Driver Manager F454 1.0.51 Authenticated Stored XSS Exploit Advisory ID: ZSL-2019-5522 Type: Local/Remote Impact: Cross-Site Scripting Risk: 3/5 Release Date: 15.05.2019 Summary Audio/video web server for remote control using web pages or the MY HOME portal. Description Authenticated stored XSS via GET request. Input via the parameter 'server' is not properly sanitized before being returned to the user, allowing arbitrary HTML and script code execution. Vendor BTicino S.p.A. - Affected Version Hardware Platform: F454 Firmware version: 1.0.51 Driver Manager version: 1.1.14 Tested On Apache/2.2.14 (Unix) OpenSSL/1.0.0d PHP/5.1.6 Vendor Status 30.04.2019: Vulnerability discovered. 01.05.2019: Vendor contacted. 01.05.2019: Vendor responds, employee will contact. 14.05.2019: No reply. 15.05.2019: Public security advisory released. PoC legrand_xss.html Credits Gjoko Krstic - References 1. 2. 3. Changelog 15.05.2019: Initial release 17.05.2019: Added reference 2 and 3