CVE-2014-2908 PoC — Siemens SIMATIC S7-1200 CPU设备跨站脚本漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2014/CVE-2014-2908.yaml

Associated Vulnerability

Title:Siemens SIMATIC S7-1200 CPU设备跨站脚本漏洞 (CVE-2014-2908)
Description:Siemens SIMATIC S7-1200是德国西门子（Siemens）公司的一款应用于中小型自动化系统中的可编程逻辑控制器（PLC）。 Siemens SIMATIC S7-1200 CPU设备2.x和3.x版本的集成的Web服务器中存在跨站脚本漏洞。远程攻击者可利用该漏洞注入任意Web脚本或HTML。

Description

A cross-site scripting vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

File Snapshot


 id: CVE-2014-2908

info:
  name: Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting
  author: daffai

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!