CVE-2024-55040
BaseFortify

Publication date: 2025-07-21

Last updated on: 2025-08-07

Assigner: MITRE

Description
Cross-Site Scripting vulnerability in Sensaphone WEB600 Monitoring System v.1.6.5.H and before allows a remote attacker to execute arbitrary code via crafted GET requests to /@.xml, placing payloads in the g7200, g7300, g4601, and g1F02 parameters.
Meta Information
Published: 2025-07-21
Last Modified: 2025-08-07
Generated: 2026-05-07
AI Q&A: 2025-07-21
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs

Vendor       Product           Version / Range
sensaphone   web600_firmware   up to 1.6.5.H (inclusive)
sensaphone   web600            *
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2024-55040 is a Cross-Site Scripting (XSS) vulnerability in the Sensaphone WEB600 Monitoring System version 1.6.5.H and earlier. It allows remote attackers to execute arbitrary code by sending specially crafted GET requests to the /@.xml endpoint, injecting malicious scripts into parameters such as g7200, g7300, g4601, and g1F02. These scripts can execute across various parts of the system's web interface, including Setup, Profile, and Zone options. The vulnerability enables attackers, including remote authenticated users, to inject JavaScript payloads that could steal session tokens and escalate privileges, potentially leading to unauthorized system modifications. [2, 3]


How can this vulnerability impact me?

This vulnerability can impact you by allowing attackers to execute arbitrary scripts on the Sensaphone WEB600 system's web interface. This can lead to theft of session tokens from administrative accounts, privilege escalation, and unauthorized changes to system settings. Such unauthorized access and control could disrupt monitoring operations, compromise environmental data integrity, and potentially cause failures in alarm notifications or device control, affecting the security and reliability of the monitored environment. [2, 3]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring for suspicious GET requests to the /@.xml endpoint containing the parameters g7200, g7300, g4601, and g1F02 with unusual or encoded payloads. Network intrusion detection systems (NIDS) or web application firewalls (WAF) can be configured to alert on such requests. For manual detection, you can use tools like curl or wget to test the endpoint with crafted payloads. Example command to test injection: curl -G 'http://<target-ip>/@.xml' --data-urlencode 'g7200=<script>alert(1)</script>'. Additionally, reviewing web server logs for unusual GET requests to /@.xml with these parameters can help detect exploitation attempts. [2, 3]
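The log-review approach described above, as an added example that is not part of the BaseFortify page or of any Sensaphone tooling: a small Python scanner that reads web server access logs in Common Log Format, picks out GET requests to /@.xml, and flags the advisory's four parameters (g7200, g7300, g4601, g1F02) when their URL-decoded value looks like markup or script. The log format, the sample log lines and the script-detection heuristic are assumptions constructed for the example; only the endpoint and parameter names come from the advisory. It also handles double percent-encoding, which a single decode would miss.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Parameter names the advisory lists for the /@.xml endpoint.
WATCHED_PARAMS = {"g7200", "g7300", "g4601", "g1F02"}

# Heuristic for script-like content after decoding (assumption for this example,
# not from the advisory): an HTML tag opener, a javascript: URL, or an on*= handler.
SUSPICIOUS = re.compile(r"<\s*/?\s*[a-z]|javascript\s*:|on[a-z]+\s*=", re.IGNORECASE)

# Common Log Format: client - - [timestamp] "METHOD target PROTOCOL" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def decode_fully(value, rounds=3):
    """Undo repeated percent-encoding; stop when a decode pass changes nothing."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def inspect_line(line):
    """Return a finding for a GET to /@.xml whose watched parameters carry
    script-like values, or None if the line is not of interest."""
    m = LOG_RE.match(line)
    if not m or m.group("method") != "GET":
        return None
    parts = urlsplit(m.group("target"))
    if unquote(parts.path) != "/@.xml":
        return None
    # parse_qs already performs one percent-decode of each value.
    params = parse_qs(parts.query, keep_blank_values=True)
    hits = {}
    for name, values in params.items():
        if name not in WATCHED_PARAMS:
            continue
        for value in values:
            decoded = decode_fully(value)
            if SUSPICIOUS.search(decoded):
                hits[name] = decoded
    if not hits:
        return None
    return {"src": m.group("ip"), "time": m.group("ts"),
            "status": m.group("status"), "params": hits}


def scan(lines):
    """Run inspect_line over every log line and keep the findings."""
    return [f for f in (inspect_line(l) for l in lines) if f]


# Constructed sample log lines (not real traffic): one benign zone lookup,
# one single-encoded script tag, one double-encoded image handler, one hit
# on a different path, and one hit on a parameter the advisory does not name.
SAMPLE_LOG = [
    '192.0.2.10 - - [21/Jul/2025:10:00:01 +0000] "GET /@.xml?g7200=Zone%201 HTTP/1.1" 200 512',
    '203.0.113.5 - - [21/Jul/2025:10:00:07 +0000] "GET /@.xml?g7300=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512',
    '203.0.113.5 - - [21/Jul/2025:10:00:09 +0000] "GET /@.xml?g4601=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 512',
    '198.51.100.7 - - [21/Jul/2025:10:01:00 +0000] "GET /index.html?g7200=%3Cscript%3E HTTP/1.1" 200 1024',
    '198.51.100.7 - - [21/Jul/2025:10:01:03 +0000] "GET /@.xml?g9999=%3Cscript%3E HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Pointing the script at a real access log means replacing SAMPLE_LOG with the file's lines; the two constructed attack lines above are the only ones it reports, and the source address and timestamp in each finding give the pivot for correlating against the device's session and configuration-change records.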


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting access to the Sensaphone WEB600 device to trusted private networks only, as recommended by Sensaphone. Disable or limit remote access to the web interface to prevent exposure to untrusted networks. Monitor and filter incoming traffic to block malicious GET requests targeting the /@.xml endpoint with suspicious parameters. Since no patch is confirmed, consider replacing the device with a newer, supported system such as the Sensaphone Sentinel. Additionally, review and tighten user authentication and authorization to reduce risk from lower-privileged authenticated attackers. [3, 1]

