CVE-2022-21145
Published 2022-04-14
Priority P3 · 36 · medium · 4.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS: 77.16% (99.5th percentile)
A stored cross-site scripting vulnerability exists in the WebUserActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger this vulnerability.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lansweeper | lansweeper | — | — |
Detection & IOCs (extracted from sources)
Snort
SIDs 58884–58894
- Monitor for specially crafted HTTP requests targeting WebUserActions.aspx that contain JavaScript payload injection attempts (stored XSS).
- Exploitation of CVE-2022-21145 (TALOS-2022-1442) is detectable via Snort SIDs 58884–58894; ensure the Cisco Secure Firewall / Snort ruleset is current.
- Exploitation requires the attacker to be authenticated with proper permissions on the Lansweeper instance.
- Only Lansweeper version 9.1.20.2 is confirmed vulnerable; version 9.2.0 contains the fix.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 4.8 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
| nvd | 3.0 | 9.1 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
| nvd | 2.0 | 3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
No detection rules found.
No public exploits indexed.
Talos
## Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections
blogs_talos · 2022-02-24 · CVSS 4.8 (MEDIUM)
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device.
Lansweeper gathers the hardware and software information of computers and other devices on a computer network for management, compliance and audit purposes. There are vulnerabilities in multiple .aspx files contained in Lansweeper that, if targeted correctly, could allow an adversary to inject malicious code.
TALOS-2022-1441 (CVE-2022-22149), TALOS-2022-1443 (CVE-2022-21234) and TALOS-2022-1444 (CVE-2022-21210) can all be triggered if the attacker sends the targeted device a specially crafted HTTP request. The HTTP request can tri
Published: 2022-04-14