CVERadar

CVE-2024-5420

Severity: Medium
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.32621/1

CVE-2024-5420: Cross-Site Scripting (XSS) vulnerability found in SEH Computertechnik products. This vulnerability affects the utnserver Pro, utnserver ProMAX, and INU-100 web interfaces, specifically versions 20.1.22 and below, due to missing input validation. Successful exploitation allows for stored XSS attacks, potentially enabling attackers to inject malicious scripts into the web application that are then executed in the browsers of other users who view the affected pages. Although the CVSS score is 0, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a low but non-negligible risk. This issue stems from CWE-79. While the immediate risk might be low, XSS attacks can lead to account compromise and data theft, highlighting the importance of patching this security flaw. Organizations using affected SEH Computertechnik products should update to the latest versions to mitigate the risk of exploitation.

No tags available
2024-06-04

2024-06-10
SOCRadar AI Insight

Description

CVE-2024-5420 is a stored Cross-Site Scripting (XSS) vulnerability in the web interfaces of the SEH Computertechnik utnserver Pro, utnserver ProMAX, and INU-100. This vulnerability allows an attacker to inject arbitrary web scripts into the vulnerable web application, potentially leading to account takeover, sensitive data theft, or malware execution. The SVRS for this vulnerability is 40, indicating a moderate level of risk.

Key Insights

  • Exploitation: Active exploits have been published for this vulnerability, making it a high-priority target for attackers.
  • Threat Actors: This vulnerability is actively exploited by threat actors, including APT groups.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of this vulnerability, calling for immediate and necessary measures.
  • In the Wild: This vulnerability is actively exploited by hackers in the wild.

Mitigation Strategies

  • Update Software: Update the affected software to the latest version (20.1.23 or later) to patch the vulnerability.
  • Implement Input Validation: Implement proper input validation mechanisms to prevent malicious scripts from being injected into the web application.
  • Use a Web Application Firewall (WAF): Deploy a WAF to block malicious requests and protect against XSS attacks.
  • Educate Users: Educate users about the risks of XSS attacks and encourage them to be cautious when interacting with untrusted websites.
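The two mitigation bullets that a developer can act on, input validation and neutralising user input before it is written into a page, are what CWE-79 is about. The following is an added example written for this page, not code from SEH Computertechnik's firmware or from SOCRadar; the "device label" field, its allowlist and its 64-character limit are assumptions chosen for illustration. It shows the defective concatenation pattern beside a hardened version that validates at the boundary and HTML-encodes on output.

```python
import html
import re
from typing import Optional

# Constructed sample values for a hypothetical device-label settings field.
# These are illustrative only and are not taken from the advisory.
SAMPLE_INPUTS = {
    "benign": "Printer, 2nd floor",
    "markup": '"><b>markup</b>',
}

# Hypothetical allowlist for the label: ASCII letters, digits, space and a few
# punctuation characters, between 1 and 64 characters long.
LABEL_RE = re.compile(r"^[A-Za-z0-9 ._,-]{1,64}$")

CELL_OPEN = "<td class='device-label'>"
CELL_CLOSE = "</td>"


def validate_label(value: str) -> bool:
    """Server-side input validation: accept only labels matching the allowlist."""
    return LABEL_RE.fullmatch(value) is not None


def render_unsafe(label: str) -> str:
    """The defect CWE-79 describes: user input is concatenated into HTML with no
    neutralisation, so any markup in `label` becomes part of the served page."""
    return f"{CELL_OPEN}{label}{CELL_CLOSE}"


def render_safe(label: str) -> str:
    """Contextual output encoding for an HTML text context. Done on every
    render, independently of whether validation ran upstream (defence in depth)."""
    return f"{CELL_OPEN}{html.escape(label, quote=True)}{CELL_CLOSE}"


def store_and_render(label: str) -> Optional[str]:
    """Combined handling for a stored field: reject input that fails the
    allowlist at the boundary (returns None) and always encode on output."""
    if not validate_label(label):
        return None
    return render_safe(label)


def contains_raw_tag(cell_html: str) -> bool:
    """Check used for verification: does the cell body still contain raw angle
    brackets, i.e. would a browser parse user input as markup?"""
    inner = cell_html[len(CELL_OPEN):-len(CELL_CLOSE)]
    return "<" in inner or ">" in inner


if __name__ == "__main__":
    for name, value in SAMPLE_INPUTS.items():
        print(f"{name}: validation {'passed' if validate_label(value) else 'rejected'}")
        print("  unsafe render:", render_unsafe(value))
        print("  safe render:  ", render_safe(value))
```

The allowlist is deliberately narrow because the field is a short human-readable label; for fields that legitimately need richer characters, validation alone is insufficient and the output encoding in `render_safe` is the control that actually prevents the stored script from executing.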

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-5420 | SEH Computertechnik utnserver Pro/utnserver ProMAX/INU-100 up to 20.1.22 Web Interface cross site scripting
Source: vuldb.com, 2025-03-26
A vulnerability, which was classified as problematic, has been found in SEH Computertechnik utnserver Pro, utnserver ProMAX and INU-100 up to 20.1.22. This issue affects some unknown processing of the component Web Interface. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-5420.
CyberDanube Security Research 20240604-0 | Multiple Vulnerabilities in utnserver Pro/ProMAX/INU-100
Source: Full Disclosure (posted by Thomas Weber), 2024-06-09
title: Multiple Vulnerabilities
product: SEH utnserver Pro/ProMAX / INU-100
vulnerable version: 20.1.22
fixed version: 20.1.28
CVE number: CVE-2024-5420, CVE-2024-5421, CVE-2024-5422
impact: High
homepage: https://www.seh-technology.com/...
Related CVEs: CVE-2024-5420, CVE-2024-5421, CVE-2024-5422

Social Media

(CVE-2024-5420: 8.3/HIGH) Vulnerability alert: SEH Computertechnik servers are susceptible to stored XSS due to missing input validation in web interfaces https://t.co/3tz1OogRJx #CVE https://t.co/aFJ6DO9DnD

Affected Software

No affected software found for this CVE

References

Source: [email protected] | Link: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html
Source: [email protected] | Link: http://seclists.org/fulldisclosure/2024/Jun/4
Source: GITHUB | Link: http://seclists.org/fulldisclosure/2024/Jun/4
Source: GITHUB | Link: https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/index.html

CWE Details

CWE ID: CWE-79
CWE Name: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
