CVE-2023-46344

A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References

Link	Resource
http://solar-log.com	Product
https://github.com/vinnie1717/CVE-2023-46344/blob/main/Solar-Log%20XSS	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:h:solar-log:2000_pm\+:-:*:*:*:*:*:*:*

cpe:2.3:o:solar-log:2000_pm\+_firmware:15.10.2019:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-02-02 02:15

Updated : 2024-02-09 19:43

NVD link : CVE-2023-46344

Mitre link : CVE-2023-46344

CVE.ORG link : CVE-2023-46344

JSON object : View

Products Affected

solar-log

2000_pm\+_firmware
2000_pm\+

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2023-46344", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2024-02-02T02:15:16.537", "references": [{"url": "http://solar-log.com", "tags": ["Product"], "source": "cve@mitre.org"}, {"url": "https://github.com/vinnie1717/CVE-2023-46344/blob/main/Solar-Log%20XSS", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting (XSS) vulnerability in the switch group function under /#ilang=DE&b=c_smartenergy_swgroups in the web portal. The vulnerability can be exploited to gain the rights of an installer or PM, which can then be used to gain administrative access to the web portal and execute further attacks."}, {"lang": "es", "value": "Una vulnerabilidad en Solar-Log Base 15 Firmware 6.0.1 Build 161, y posiblemente en otros productos Solar-Log Base, permite a un atacante escalar sus privilegios explotando una vulnerabilidad de cross-site scripting (XSS) almacenada en la funci\u00f3n de grupo de conmutadores en / #ilang=DE&b=c_smartenergy_swgroups en el portal web. La vulnerabilidad se puede aprovechar para obtener los derechos de un instalador o PM, que luego se puede utilizar para obtener acceso administrativo al portal web y ejecutar m\u00e1s ataques."}], "lastModified": "2024-02-09T19:43:40.177", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:solar-log:2000_pm\\+:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A8E94086-68EC-4BAF-AB40-F2F4E679F761"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:solar-log:2000_pm\\+_firmware:15.10.2019:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CFA48BC-724C-49F9-8FD6-5BBECD34C585"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}