Headline
CVE-2022-25575: Parking-management-systemXSS-/README.md at main · zangcc/Parking-management-systemXSS-
Multiple cross-site scripting (XSS) vulnerabilities in Parking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via crafted payloads injected into the user name, password, and verification code text boxes.
Parking-management-systemXSS-
XSS vulnerability details Vulnerability Title: There are multiple cross site script attack vulnerabilities in the intelligent parking lot management system of Hongmen Intelligent Technology Co., Ltd
Manufacturer information: Company information: Hongmen Intelligent Technology Co., Ltd
Registered capital: RMB 61.99 million
Date of establishment: 2007-07-04
Registered address: Floor 4, building 1, Hongmen Industrial Park, Jihua Road, Shuijing, Buji, Longgang District, Shenzhen
Business scope: General business items include: intelligent parking lot management system, access control and traffic management system, security management system, mechatronics products, electric telescopic doors, industrial and commercial electric doors and windows, sliding doors, revolving doors, road gates, flagpoles, traffic facilities, security products, social and public security equipment (metal safety doors and windows, prison bed, interrogation chair, intelligent high-voltage power grid) R & D, production, processing, sales, installation, after-sales service and maintenance of hardware products, and technical development of computer hardware and software (excluding restricted items); Setting up industry (specific projects will be reported separately); Domestic trade (excluding monopoly, exclusive control and monopoly commodities); Import and export of goods and technology; Construction of construction works; House leasing (excluding financial leasing business). (except for the items prohibited by laws, administrative regulations and decisions of the State Council, the restricted items can be operated only after obtaining permission).
Official website of the company: http://www.hongmen.com/index.html
The vulnerable products are:
contact information: Address: Hongmen Science Park, Hongmen Road, Jihua street, Longgang District, Shenzhen, Guangdong, China Postal Code: 518129 Tel: + 86 755 28770313 Fax: + 86 755 28770153 Purchase service hotline: electric door, gate, fence, etc. 400-8844-668 Purchase service hotline: parking lot system, access gate, access control, etc. 400-7009-008 Vulnerability Description:
Founded in 1997, Hongmen is a national high-tech enterprise integrating R & D, production, sales, installation and service of electromechanical integrated products such as electric telescopic door, intelligent access management system, translation door, gate, balcony guardrail and fence. It is committed to providing intelligent, safe and fashionable products and overall solutions for access management. There is a vulnerability in the Red Gate intelligent parking lot management system. An attacker can use this vulnerability to obtain sensitive information, and can also use this vulnerability to obtain sensitive information such as administrator cookies. 1.Enterprise vulnerability URL: http://218.104.69.170:9001/
The home page is shown in the figure above. There are three vulnerabilities. XSS statements can be inserted into the boxes of user name, password and verification code, resulting in the disclosure of users’ cookies. After testing, three different places can be determined to be represented by parameters user, PWD and ident respectively. Direct get request can cause attack. ①http://218.104.69.170:9001/?user=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Clicking directly on the browser can cause the disclosure of user cookies, as shown in the figure above. ②在密码框处插入的情况: http://218.104.69.170:9001/?pwd=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
The page successfully returned the user cookie value ③: http://218.104.69.170:9001/?ident=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E