Vulnerability Description
The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the set_banner() function of /var/www/core/controller/index.php. An unauthenticated attacker may set the contents of the /mnt/jffs2/banner.txt file, stored on the device's filesystem, to contain arbitrary JavaScript. The file contents are then used as part of a welcome/banner message presented to unauthenticated users who visit the login page for the web console. This vulnerability does not occur in the older 1.5.x firmware versions.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mimosa | B5 Firmware | <= 2.8.0.3 |
| Mimosa | B5 | - |
| Mimosa | B5C Firmware | <= 2.8.0.3 |
| Mimosa | B5C | - |
| Mimosa | C5C Firmware | <= 2.8.0.3 |
| Mimosa | C5C | - |
Related Weaknesses (CWE)
References
- https://labs.f-secure.com/advisories/Third Party Advisory
- https://labs.f-secure.com/advisories/mimosa-ptp-devices-multiple-vulnerabilitiesExploitThird Party Advisory
- https://labs.f-secure.com/advisories/Third Party Advisory
- https://labs.f-secure.com/advisories/mimosa-ptp-devices-multiple-vulnerabilitiesExploitThird Party Advisory
FAQ
What is CVE-2020-25205?
CVE-2020-25205 is a vulnerability with a CVSS score of 6.1 (MEDIUM). The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 is vulnerable to stored XSS in the set_banner() function of /var/www/core/controller/index.php. An unauthenticated attacker may set...
How severe is CVE-2020-25205?
CVE-2020-25205 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-25205?
Check the references section above for vendor advisories and patch information. Affected products include: Mimosa B5 Firmware, Mimosa B5, Mimosa B5C Firmware, Mimosa B5C, Mimosa C5C Firmware.