HTTP: rConfig Network Device Configuration Tool devicemgmt.php Cross-Site Scripting
This signature detects attempts to exploit a known cross-site scripting vulnerability against rConfig. The vulnerability is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.
Extended Description
rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php.
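For hosts not covered by this signature, the same condition can be checked in web server access logs. The following is an added example, not part of the signature or of rConfig. It assumes combined-format log lines and that a legitimate deviceId is a short decimal number. The function names and sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# The page spells the script both ways (devicemgmt.php / devicemgmnt.php); match either.
TARGET = re.compile(r"/devicemgmn?t\.php(?:/|$)", re.IGNORECASE)
# Assumption: a legitimate deviceId is a short decimal identifier.
VALID_ID = re.compile(r"^[0-9]{1,10}$")
# Request field of a combined-format log line: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/May/2020:10:00:00 +0000] '
    '"GET /devicemgmt.php?deviceId=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/May/2020:10:00:05 +0000] '
    '"GET /devicemgmnt.php?deviceId=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5188',
    '192.0.2.10 - - [01/May/2020:10:00:09 +0000] '
    '"GET /devices.php?deviceId=%3Cb%3E HTTP/1.1" 200 800',
]


def suspicious_device_ids(line):
    """Return decoded deviceId values in one log line that fail the allowlist."""
    match = REQUEST.search(line)
    if not match:
        return []
    url = urlsplit(match.group(1))
    if not TARGET.search(url.path):
        return []
    # parse_qs percent-decodes once, so encoded markup is judged in decoded form.
    params = parse_qs(url.query, keep_blank_values=True)
    return [v for v in params.get("deviceId", []) if not VALID_ID.match(v)]


def scan(lines):
    """Return (line_number, value) for every deviceId that is not a plain number."""
    hits = []
    for number, line in enumerate(lines, start=1):
        for value in suspicious_device_ids(line):
            hits.append((number, value))
    return hits


if __name__ == "__main__":
    for number, value in scan(SAMPLE_LOG):
        print(f"line {number}: non-numeric deviceId {value!r}")
```

Because the check is an allowlist, it flags any non-numeric deviceId rather than only script markup, so hits need review before they are treated as exploitation attempts.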
Affected Products
Rconfig rconfig
References
CVE: CVE-2020-12259
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Rconfig
3.5