VULHUB ™

### Summary Uncompromising security and performance for emerging large organizations. The NSA 6600 network security appliance delivers best-in-class protection, speed and scalability with 12 Gbps throughput and up to 6000 VPN clients. ### Description SonicWALL NSA suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'curUserName' GET parameter in the 'appFirewallSummary.html' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. ### Vendor Dell Inc. - https://www.sonicwall.com/products/sonicwall-nsa/ ### Affected Version * NSA 6600 running SonicOS Enhanced 6.2.4.3-31n * WXA 4000 running 1.3.2.0-07 * SafeMode 6.1.0.11 ### Tested On * SonicWALL * MySQL/5.0.96-community-nt * Apache-Coyote/1.1 * Apache Tomcat 6.0.41 ### PoC ``` https://127.0.0.1/appFirewallSummary.html?curSrcAddrString=&curTSAIdNum=0&curUserName=test";alert('XSS')// ```

### Summary Uncompromising security and performance for emerging large organizations. The NSA 6600 network security appliance delivers best-in-class protection, speed and scalability with 12 Gbps throughput and up to 6000 VPN clients. ### Description SonicWALL NSA suffers from a XSS issue due to a failure to properly sanitize user-supplied input to the 'curUserName' GET parameter in the 'appFirewallSummary.html' script. Attackers can exploit this weakness to execute arbitrary HTML and script code in a user's browser session. ### Vendor Dell Inc. - https://www.sonicwall.com/products/sonicwall-nsa/ ### Affected Version * NSA 6600 running SonicOS Enhanced 6.2.4.3-31n * WXA 4000 running 1.3.2.0-07 * SafeMode 6.1.0.11 ### Tested On * SonicWALL * MySQL/5.0.96-community-nt * Apache-Coyote/1.1 * Apache Tomcat 6.0.41 ### PoC ``` https://127.0.0.1/appFirewallSummary.html?curSrcAddrString=&curTSAIdNum=0&curUserName=test";alert('XSS')// ```