Description: Cross Site Scripting vulnerability in Microworld Technologies eScan Management console v.14.0.1400.2281 allows a remote attacker to execute arbitrary code via a vulnerable parameter GrpPath .
Vulnerable Product Version: 14.0.1400.2281
Date: 23/06/2023
CVE: CVE-2023-34837
CVE Author: Sahil Ojha
Vendor Homepage: https://www.escanav.com
Software Link: https://cl.escanav.com/ewconsole.dll
Tested on: Windows
Steps to reproduce:
-
Login into the eScan Management Console with a valid user credential. Here, escan management console is on internal network.
-
Navigate to "Unmanaged Computers >> Network Computers" feature.
-
Capture the POST request in burpsuite and inject the XSS paylaod into "GrpPath" parameter as shown in fugure below.
-
After forwarding the request, an XSS alert will pop up with user session cookie.
