CVE-2024-28741

Published: 06/04/2024 Updated: 08/04/2024

Cross Site Scripting vulnerability in EginDemirbilek NorthStar C2 v1 allows a remote malicious user to execute arbitrary code via the login.php component.

NorthStar C2 agent version 10 applies insufficient sanitization on agent registration routes, allowing an unauthenticated attacker to send multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page This cross site scripting payload can be leveraged to execute comma ...

NorthStar C2, prior to commit 7674a44 on March 11 2024, contains a vulnerability where the logs page is vulnerable to a stored cross site scripting issue An unauthenticated user can simulate an agent registration to cause the cross site scripting attack and take over a users session With this access, it is then possible to run a new payload on al ...

NorthStar C2 agent RCE via stored XSS Agent RCE PoC for CVE-2024-28741, a stored XSS vulnerability in NorthStar C2 This exploit works by sending multiple malicious agent registration requests to the teamserver to incrementally build a functioning javascript payload in the logs web page This XSS can be leveraged to execute commands on NorthStar C2 agents Full explanation: http

https://github.com/EnginDemirbilek/NorthStarC2 https://packetstormsecurity.com/files/177542/NorthStar-C2-Agent-1.0-Cross-Site-Scripting-Remote-Command-Execution.html https://blog.chebuya.com/posts/discovering-cve-2024-28741-remote-code-execution-on-northstar-c2-agents-via-pre-auth-stored-xss/https://nvd.nist.gov https://github.com/chebuya/CVE-2024-28741-northstar-agent-rce-poc https://packetstormsecurity.com/files/177542/NorthStar-C2-Agent-1.0-Cross-Site-Scripting-Remote-Command-Execution.html

CVE-2024-28741

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect