Hughes Satellite Router Remote File Inclusion Cross-Frame Scripting
Title: Hughes Satellite Router Remote File Inclusion Cross-Frame Scripting
Advisory ID: ZSL-2022-5743
Type: Local/Remote
Impact: Security Bypass, Exposure of Sensitive Information, Cross-Site Scripting
Risk: (4/5)
Release Date: 28.12.2022
HX90 v6.11.0.5
HX50L v6.10.0.18
HN9460 v8.2.0.48
HN7000S v6.9.0.37
speedtest.html
[2] https://forum.it.mk/threads/hughes-satellite-router-remote-file-inclusion-cross-frame-scripting.82755/
[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22971
[4] https://nvd.nist.gov/vuln/detail/CVE-2023-22971
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/245814
[6] https://www.exploit-db.com/exploits/51190
[29.12.2022] - Added reference [1] and [2]
[26.01.2023] - Added reference [3] and [4]
[10.02.2023] - Added reference [5]
[10.04.2023] - Added reference [6]
Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2022-5743
Type: Local/Remote
Impact: Security Bypass, Exposure of Sensitive Information, Cross-Site Scripting
Risk: (4/5)
Release Date: 28.12.2022
Summary
The HX200 is a high-performance satellite router designed to provide carrier-grade IP services using dynamically assigned high-bandwidth satellite IP connectivity. The HX200 satellite router provides flexible Quality of Service (QoS) features that can be tailored to the network applications at each individual remote router, such as Adaptive Constant Bit Rate (CBR) bandwidth assignment to deliver high-quality, low jitter bandwidth for real-time traffic such as Voice over IP (VoIP) or videoconferencing. With integrated IP features including RIPv1, RIPv2, BGP, DHCP, NAT/PAT, and DNS Server/Relay functionality, together with a high-performance satellite modem, the HX200 is a full-featured IP Router with an integrated high-performance satellite router. The HX200 enables high- performance IP connectivity for a variety of applications including cellular backhaul, MPLS extension services, virtual leased line, mobile services and other high-bandwidth solutions.Description
The router contains a cross-frame scripting via remote file inclusion vulnerability that may potentially be exploited by malicious users to compromise an affected system. This vulnerability may allow an unauthenticated malicious user to misuse frames, include JS/HTML code and steal sensitive information from legitimate users of the application.Vendor
Hughes Network Systems, LLC - https://www.hughes.comAffected Version
HX200 v8.3.1.14HX90 v6.11.0.5
HX50L v6.10.0.18
HN9460 v8.2.0.48
HN7000S v6.9.0.37
Tested On
WindWeb/1.0Vendor Status
N/APoC
hughes_rfi_xfs.jsspeedtest.html
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] https://packetstormsecurity.com/files/170343/[2] https://forum.it.mk/threads/hughes-satellite-router-remote-file-inclusion-cross-frame-scripting.82755/
[3] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22971
[4] https://nvd.nist.gov/vuln/detail/CVE-2023-22971
[5] https://exchange.xforce.ibmcloud.com/vulnerabilities/245814
[6] https://www.exploit-db.com/exploits/51190
Changelog
[28.12.2022] - Initial release[29.12.2022] - Added reference [1] and [2]
[26.01.2023] - Added reference [3] and [4]
[10.02.2023] - Added reference [5]
[10.04.2023] - Added reference [6]
Contact
Zero Science LabWeb: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk