Published: 17/09/2020 Updated: 21/07/2021

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated malicious user to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys. This payload will execute each time a user opens an affected web page. This could be exploited in conjunction with CVE-2020-13259.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rad secflow-1v_firmware os-image_sf_0290_2.3.01.26

RAD SecFlow-1v version SF_0290_230126 suffers from a persistent cross site scripting vulnerability ...

RAD SecFlow-1v version SF_0290_230126 suffers from a cross site request forgery vulnerability ...

PoC of Full Account Takeover on RAD SecFlow-1v

CVE-2020-13259 PoC of Full Account Takeover on RAD SecFlow-1v A vulnerability in the web-based management interface of RAD SecFlow-1v could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system The vulnerability is due to insufficient CSRF protections for the web UI on an affected device An attacker could exploit

CWE-79 CWE-434 https://www.rad.com/products/secflow-1v-IIoT-Gateway#panels-ipe-paneid-143837 https://cxsecurity.com/issue/WLB-2020090063 https://www.exploit-db.com/exploits/48807 https://nvd.nist.gov https://github.com/UrielYochpaz/CVE-2020-13259 https://packetstormsecurity.com/files/159166/RAD-SecFlow-1v-SF_0290_2.3.01.26-Cross-Site-Scripting.html

CVE-2020-13260

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect