CVE-2021-21799
published 2021-07-16


Priority: P3 · 44 · medium · 6.1 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Exploit: available
EPSS: 12.29% (95.7th percentile)
Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user’s browser. An attacker can provide a crafted URL to trigger this vulnerability.

Affected (1 range)

Vendor      Product    Version range   Fixed in
advantech   r-seenet

Detection & IOCs (extracted from sources)

URL: /php/telnet_form.php?hostname=%3C%2Ftitle%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E%3Ctitle%3E
Path: /php/telnet_form.php
  • HTTP GET request to /php/telnet_form.php with a crafted `hostname` parameter containing a URL-encoded XSS payload; look for reflected script content in the response body.
  • Response body contains the string 'Telnet alert(document.domain)', indicating successful XSS reflection in the telnet_form.php page.
  • Shodan query 'http.html:"R-SeeNet"' or 'http.html:"r-seenet"' can be used to identify exposed Advantech R-SeeNet instances.
  • FOFA query 'body="r-seenet"' can be used to identify exposed Advantech R-SeeNet instances.
  • The XSS is reflected (not stored); exploitation requires the victim to visit a specially crafted URL, so detection should focus on inbound GET requests with encoded script tags in the `hostname` parameter rather than on persistent payload storage.

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.1      6.1     MEDIUM     CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvd      v3.0      9.6     CRITICAL   CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
nvd      v2.0      4.3     MEDIUM     AV:N/AC:M/Au:N/C:N/I:P/A:N