{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2024-36494", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "state": "PUBLISHED", "assignerShortName": "SEC-VLab", "dateReserved": "2024-05-29T06:48:49.688Z", "datePublished": "2024-12-12T12:51:14.761Z", "dateUpdated": "2025-11-03T21:55:19.162Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Scan2Net", "vendor": "Image Access GmbH", "versions": [{"changes": [{"at": "7.42B", "status": "unaffected"}], "lessThan": "7.42B", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"}, {"lang": "en", "type": "finder", "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p></p><div><div><div><div><p>Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts.</p></div></div></div></div><p></p>"}], "value": "Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>"}], "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory."}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2024-12-12T13:58:15.953Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://r.sec-consult.com/imageaccess"}, {"tags": ["patch"], "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The vendor provides a firmware update to version 7.42B (or higher) which can be downloaded via the vendor's customer server portal.</span><br>"}], "value": "The vendor provides a firmware update to version 7.42B (or higher) which can be downloaded via the vendor's customer server portal."}], "source": {"discovery": "UNKNOWN"}, "title": "Reflected Cross Site Scripting", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-12-12T15:13:52.373592Z", "id": "CVE-2024-36494", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-12T15:14:12.504Z"}}, {"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:55:19.162Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-03T21:55:19.162Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 4.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-36494", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-12-12T15:13:52.373592Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-12-12T15:14:04.774Z"}}], "cna": {"title": "Reflected Cross Site Scripting", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Daniel Hirschberger (SEC Consult Vulnerability Lab)"}, {"lang": "en", "type": "finder", "value": "Tobias Niemann (SEC Consult Vulnerability Lab)"}], "impacts": [{"capecId": "CAPEC-63", "descriptions": [{"lang": "en", "value": "CAPEC-63 Cross-Site Scripting (XSS)"}]}], "affected": [{"vendor": "Image Access GmbH", "product": "Scan2Net", "versions": [{"status": "affected", "changes": [{"at": "7.42B", "status": "unaffected"}], "version": "0", "lessThan": "7.42B", "versionType": "custom"}], "defaultStatus": "affected"}], "exploits": [{"lang": "en", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.", "supportingMedia": [{"type": "text/html", "value": "The SEC Consult Vulnerability Lab has published proof of concept material in the technical security advisory.<br>", "base64": false}]}], "solutions": [{"lang": "en", "value": "The vendor provides a firmware update to version 7.42B (or higher) which can be downloaded via the vendor's customer server portal.", "supportingMedia": [{"type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">The vendor provides a firmware update to version 7.42B (or higher) which can be downloaded via the vendor's customer server portal.</span><br>", "base64": false}]}], "references": [{"url": "https://r.sec-consult.com/imageaccess", "tags": ["third-party-advisory"]}, {"url": "https://www.imageaccess.de/?page=SupportPortal&lang=en", "tags": ["patch"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts.", "supportingMedia": [{"type": "text/html", "value": "<p></p><div><div><div><div><p>Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts.</p></div></div></div></div><p></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "shortName": "SEC-VLab", "dateUpdated": "2024-12-12T13:58:15.953Z"}}}, "cveMetadata": {"cveId": "CVE-2024-36494", "state": "PUBLISHED", "dateUpdated": "2025-11-03T21:55:19.162Z", "dateReserved": "2024-05-29T06:48:49.688Z", "assignerOrgId": "551230f0-3615-47bd-b7cc-93e92e730bbf", "datePublished": "2024-12-12T12:51:14.761Z", "assignerShortName": "SEC-VLab"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The login page at /cgi/slogin.cgi suffers from XSS due to improper input filtering of the -tsetup+-uuser parameter, which can only be exploited if the target user is not already logged in. This makes it ideal for login form phishing attempts."}, {"lang": "es", "value": "Debido a la falta de desinfecci\u00f3n de entrada, un atacante puede realizar ataques cross-site-scripting y ejecutar c\u00f3digo JavaScript arbitrario en el navegador de otros usuarios. La p\u00e1gina de inicio de sesi\u00f3n en /cgi/slogin.cgi sufre XSS reflejado debido al filtrado de entrada incorrecto del par\u00e1metro -tsetup+-uuser, que solo se puede explotar si el usuario de destino a\u00fan no ha iniciado sesi\u00f3n, lo que lo hace ideal para intentos de phishing en el formulario de inicio de sesi\u00f3n."}], "id": "CVE-2024-36494", "lastModified": "2025-11-03T22:16:59.180", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-12-12T13:15:10.160", "references": [{"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://r.sec-consult.com/imageaccess"}, {"source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "url": "https://www.imageaccess.de/?page=SupportPortal&lang=en"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/fulldisclosure/2024/Dec/2"}], "sourceIdentifier": "551230f0-3615-47bd-b7cc-93e92e730bbf", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "551230f0-3615-47bd-b7cc-93e92e730bbf", "type": "Secondary"}]}

{}