Legrand BTicino Driver Manager Cross-Site Request Forgery and Cross-Site Scripting Vulnerability
Vulnerability
Legrand BTicino Driver Manager F454 version 1.0.51 is vulnerable to cross-site request forgery (CSRF), which can be used to change user passwords. The application is also susceptible to stored cross-site scripting (XSS): malicious scripts can be injected through unvalidated GET parameters. Because requests are not properly validated, attackers can perform administrative actions on behalf of users.
Impact
Exploitation of this vulnerability could lead to unauthorized administrative actions, including password changes and the injection of malicious scripts that are stored and executed in the context of the user.
Reproduction
To reproduce the CSRF vulnerability, a logged-in user must be tricked into visiting a malicious website that sends a POST request to the password change endpoint with the new password. For the stored XSS vulnerability, the same user can be targeted with a GET request that includes a script payload in the 'server' parameter, which will be executed in their browser session.
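The two server-side checks whose absence the reproduction steps rely on, as an added example (not part of the original advisory and not the vendor's code): a same-origin plus session-bound token gate for the password change, and output encoding of the stored 'server' value. The function names, the csrf_token field and the device.example origin are hypothetical.

```python
import hashlib
import hmac
import html
import secrets
from urllib.parse import urlsplit

# Assumptions: a per-process secret and the device's own origin (hypothetical values).
SECRET_KEY = secrets.token_bytes(32)
DEVICE_ORIGIN = "https://device.example"


def issue_csrf_token(session_id: str) -> str:
    """Token bound to the session; embedded in the password-change form."""
    return hmac.new(SECRET_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(headers: dict) -> bool:
    """Accept only requests whose Origin (or Referer) is the device itself."""
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # fail closed when the browser sends neither header
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == DEVICE_ORIGIN


def allow_state_change(method: str, headers: dict, session_id: str, form: dict) -> bool:
    """Gate for state-changing requests: POST only, same origin, valid token."""
    if method != "POST":
        return False  # settings must never change as a side effect of a GET
    if not same_origin(headers):
        return False
    supplied = form.get("csrf_token", "").encode()
    expected = issue_csrf_token(session_id).encode()
    return hmac.compare_digest(supplied, expected)  # constant-time comparison


def render_server_field(stored_value: str) -> str:
    """Encode the stored 'server' value on output so markup is shown as text."""
    escaped = html.escape(stored_value, quote=True)
    return f'<input name="server" value="{escaped}">'
```

A forged cross-site POST fails both the origin check and the token check, and a stored value containing markup is rendered as inert text rather than executed.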
