Description
Observium is vulnerable to HTML injection via LLDP neighbour discovery. This happens if a port sees a neighbour with a system name of <script>alert('injection!')</script>.
In the "neighbours view" of that port, a yellow triangle will be shown to indicate that autodiscovery is not working properly. Hovering over that triangle will trigger the injected payload.
Keep up the good work! Cheers!
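Added illustration, not part of the report above and not Observium's own code: a minimal model of the neighbours-view rendering described in the description, with the LLDP system name spliced into the row text and into the warning triangle's tooltip. The row templates, the `title`-attribute tooltip, the column layout and the neighbour records are all assumptions made for the example. It shows the vulnerable rendering beside the escaped one, and includes a second constructed payload that breaks out of the attribute without any angle brackets, which is why the escape must cover quotes as well as `<` and `>`.

```python
import html
import re

# Constructed sample LLDP neighbour records, shaped like what a poller might
# store after walking lldpRemSysName. Test data only, not Observium's.
# Entry 2 carries the system name from the report; entry 3 is a variant that
# breaks out of a double-quoted attribute without using angle brackets.
NEIGHBOURS = [
    {"port": "Gi0/1", "remote_sysname": "core-sw1",
     "remote_port": "Te1/1/1", "discovered": True},
    {"port": "Gi0/2", "remote_sysname": "<script>alert('injection!')</script>",
     "remote_port": "eth0", "discovered": False},
    {"port": "Gi0/3", "remote_sysname": '" onmouseover="alert(1)',
     "remote_port": "eth1", "discovered": False},
]

WARNING_ICON = "&#9650;"  # stands in for the yellow triangle


def warning_span(sysname):
    """Hypothetical tooltip markup: the triangle's title attribute names the
    neighbour, so the system name lands inside a double-quoted attribute."""
    return '<span class="warning" title="Autodiscovery failed for %s">%s</span>' % (
        sysname, WARNING_ICON)


def render_row_vulnerable(n):
    """Row template that trusts SNMP data: the system name is spliced into
    element text and into the tooltip attribute without escaping."""
    sysname = n["remote_sysname"]
    cell = sysname if n["discovered"] else sysname + " " + warning_span(sysname)
    return "<tr><td>%s</td><td>%s</td><td>%s</td></tr>" % (
        n["port"], cell, n["remote_port"])


def render_row_fixed(n):
    """Same row with every neighbour-supplied field escaped once, at output
    time. html.escape(quote=True) encodes & < > " and ', which covers both
    the text-node context and the double-quoted attribute context here."""
    esc = lambda s: html.escape(s, quote=True)
    sysname = esc(n["remote_sysname"])
    cell = sysname if n["discovered"] else sysname + " " + warning_span(sysname)
    return "<tr><td>%s</td><td>%s</td><td>%s</td></tr>" % (
        esc(n["port"]), cell, esc(n["remote_port"]))


def neighbours_view(neighbours, render_row):
    """Assemble the table for one device's neighbours view."""
    return "<table>" + "".join(render_row(n) for n in neighbours) + "</table>"


def tooltip_text(rendered):
    """What a browser would take as the tooltip: the first title attribute
    value, read up to the next double quote; None if there is no title."""
    m = re.search(r'title="([^"]*)"', rendered)
    return m.group(1) if m else None


def raw_markup_leaked(rendered):
    """Crude output check: does a raw <script tag or a quoted on*= event
    handler survive in the rendered HTML? Encoded forms (&lt;script,
    onmouseover=&quot;) do not match, so the fixed output passes."""
    return re.search(r"<script|\son[a-z]+=[\"']", rendered, re.IGNORECASE) is not None


if __name__ == "__main__":
    for name, renderer in (("vulnerable", render_row_vulnerable),
                           ("fixed", render_row_fixed)):
        page = neighbours_view(NEIGHBOURS, renderer)
        print(name, "leaks raw markup:", raw_markup_leaked(page))
        print("  tooltip for entry 3:", tooltip_text(renderer(NEIGHBOURS[2])))
```

In the vulnerable rendering the third record's tooltip is cut off at the injected quote and the remainder becomes a live `onmouseover` attribute, which is the same class of bug as the `<script>` payload but invisible to a filter that only strips tags. The escape belongs at output time, in the template, rather than in the poller: the stored SNMP value should stay as received so that the neighbour name can still be displayed (and searched) accurately.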
Activity
Field | Original | New (most recent change first)
Resolution | (none) | Fixed [ 1 ]
Status | In Progress [ 3 ] | Resolved [ 5 ]
Status | Pending Response [ 10000 ] | In Progress [ 3 ]
Status | Open [ 1 ] | Pending Response [ 10000 ]
Nice work!
A question out of curiosity:
Is this worth registering a CVE for? I'm curious because I reported two similar flaws in LibreNMS, and they went for a CVE in one of the cases but not the other. I would like to hear your opinions on this, if you have the time. Is it a real security vulnerability or is it contrived and artificial?
Thanks!