CVE-2024-48461 - TeslaLogger Admin Panel Multiple XSS Vulnerabilities

Description

The TeslaLogger Admin Panel web application contains multiple cross-site scripting (XSS) vulnerabilities, both stored and reflected, which an attacker can exploit to inject malicious scripts into the web application. These vulnerabilities allow attackers to perform actions such as stealing session cookies, defacing web pages, and potentially taking over user accounts.

Affected Asset

Vulnerability Details

1. Stored Cross-Site Scripting (XSS)

Severity: High

Description: The TeslaLogger Admin Panel stores user input from the "New Journey" field without proper validation or sanitization. A malicious payload injected into this field is persisted and executes whenever the journey is viewed by another user.

Vulnerable URL: http://host:8888/admin/journeys.php

2. Reflected Cross-Site Scripting (XSS)

Severity: Medium

Description: The application does not properly sanitize user input, so malicious scripts supplied in a request are reflected back into the response and executed in the victim's browser.

Vulnerable URLs:

Steps to Reproduce

Stored XSS:

  1. Open the vulnerable URL: http://host:8888/admin/journeys.php
  2. Add a new journey with the following payload as the Journey name: " /><img src=x onerror=alert(1)>
  3. Save the journey and observe that the payload is executed when viewed by other users.

Reflected XSS:

  1. Open one of the vulnerable URLs provided above in a browser.
  2. Observe the malicious JavaScript being executed in the victim's browser.
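Both findings come down to the same defect: untrusted input is written into the HTML response without output encoding. The following Python script is an added example, not TeslaLogger's code; it assumes a simplified page layout (an input element holding the journey name plus a table cell, and a page that echoes a request parameter) and uses constructed sample rows. It places the raw-interpolation pattern next to its encoded counterpart and includes a regression check that uses the advisory's own payload to confirm the encoded output no longer carries markup.

```python
"""Output encoding for a journey listing page (added example, not TeslaLogger code)."""
from html import escape

# Constructed sample rows; the second name is the payload quoted in the advisory.
JOURNEYS = [
    {"id": 1, "name": "Commute"},
    {"id": 2, "name": '" /><img src=x onerror=alert(1)>'},
]


def h(value) -> str:
    """HTML-encode untrusted text for element content and quoted attribute values.

    quote=True also encodes " and ', which is what stops the payload above from
    closing the value="..." attribute and starting a new element.
    """
    return escape(str(value), quote=True)


def render_journeys_vulnerable(journeys) -> str:
    """Raw interpolation: the flawed pattern behind the stored XSS (assumed layout)."""
    rows = "".join(
        f'<tr><td><input name="name" value="{j["name"]}"></td><td>{j["name"]}</td></tr>'
        for j in journeys
    )
    return f"<table>{rows}</table>"


def render_journeys_safe(journeys) -> str:
    """Same page with every untrusted value encoded at output time."""
    rows = "".join(
        f'<tr><td><input name="name" value="{h(j["name"])}"></td><td>{h(j["name"])}</td></tr>'
        for j in journeys
    )
    return f"<table>{rows}</table>"


def render_message_vulnerable(query_param: str) -> str:
    """Reflected variant: a request parameter echoed straight into the page (assumed page)."""
    return f"<p>Showing results for {query_param}</p>"


def render_message_safe(query_param: str) -> str:
    """Reflected variant with the parameter encoded before it reaches the response."""
    return f"<p>Showing results for {h(query_param)}</p>"


def reflects_markup(rendered: str, supplied: str) -> bool:
    """Regression check: True if the supplied value survived unencoded in the
    response and contains HTML metacharacters, i.e. the page is still vulnerable."""
    return supplied in rendered and any(c in supplied for c in '<>"\'')


if __name__ == "__main__":
    payload = JOURNEYS[1]["name"]
    print("vulnerable listing still reflects markup:",
          reflects_markup(render_journeys_vulnerable(JOURNEYS), payload))
    print("encoded listing still reflects markup:",
          reflects_markup(render_journeys_safe(JOURNEYS), payload))
```

html.escape with quote=True encodes <, >, &, " and ', which covers element text and quoted attribute values; the equivalent in the PHP admin panel is htmlspecialchars() with ENT_QUOTES. Encoding is context-specific: a value placed inside a script block or a URL needs a different encoder, and a Content-Security-Policy header is useful as defence in depth but does not replace output encoding.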

Status

Fixed

Credits

Discovered by: Mohammed Shine