Prowise Reflect Remote Keystroke Injection Vulnerability
Vulnerability
A remote keystroke injection vulnerability exists in Prowise Reflect version 1.0.9. This vulnerability allows attackers to send keyboard events through an exposed WebSocket on port 8082. By crafting malicious web pages, attackers can inject keystrokes that open applications and type arbitrary text, mimicking the behavior of a physical keyboard.
Impact
Exploitation of this vulnerability allows for remote keystroke injection, enabling attackers to control the victim's keyboard input remotely.
Reproduction
To reproduce this vulnerability, first ensure that Prowise Reflect version 1.0.9 is running on a Windows 10 system. Connect to a Prowise Reflect server. Once connected, open a WebSocket connection to localhost on port 8082. After the connection is established, send WebSocket messages that simulate keyboard events, such as opening applications or typing text. The injected keystrokes are executed as if they were typed on the keyboard.
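The page does not describe a fix. As an added example (not Prowise code), this is one way a loopback WebSocket service can refuse handshakes that come from arbitrary web pages: check Host and Origin and require a per-session token. The allowed origin `app://reflect-ui`, carrying the token in `Sec-WebSocket-Protocol`, and all function names are assumptions made for illustration.

```python
import base64
import hashlib
import hmac

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # fixed GUID from RFC 6455
ALLOWED_ORIGINS = {"app://reflect-ui"}  # hypothetical origin of the bundled UI
ALLOWED_HOSTS = {"localhost:8082", "127.0.0.1:8082"}


def parse_headers(raw_request: str) -> dict:
    """Return the header fields of an HTTP request, keyed by lower-case name."""
    headers = {}
    for line in raw_request.split("\r\n")[1:]:  # skip the request line
        if not line:
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers


def check_upgrade(raw_request: str, session_token: str):
    """Return (101, accept_key) for a permitted handshake, else (status, reason)."""
    h = parse_headers(raw_request)
    if h.get("upgrade", "").lower() != "websocket" or "sec-websocket-key" not in h:
        return 400, "not a WebSocket upgrade"
    # A Host outside the allowlist points to DNS rebinding against the loopback port.
    if h.get("host", "").lower() not in ALLOWED_HOSTS:
        return 403, "unexpected Host"
    # Browsers attach Origin to every WebSocket handshake and page script cannot
    # change it, so a handshake started by an arbitrary web page is refused here.
    if h.get("origin") not in ALLOWED_ORIGINS:
        return 403, "origin not allowed"
    # Non-browser local clients can forge Origin, so also require a per-session secret.
    offered = h.get("sec-websocket-protocol", "")
    if not hmac.compare_digest(offered.encode(), session_token.encode()):
        return 403, "bad session token"
    digest = hashlib.sha1((h["sec-websocket-key"] + WS_GUID).encode()).digest()
    return 101, base64.b64encode(digest).decode()


def sample_request(origin, host="localhost:8082", token="constructed-token"):
    """Constructed handshake for the demo; the key is the RFC 6455 example nonce."""
    return ("GET / HTTP/1.1\r\n"
            f"Host: {host}\r\nUpgrade: websocket\r\nConnection: Upgrade\r\n"
            f"Origin: {origin}\r\nSec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
            f"Sec-WebSocket-Protocol: {token}\r\nSec-WebSocket-Version: 13\r\n\r\n")
```

Only a handshake that passes all three checks reaches the code that turns messages into keyboard events; every rejection is worth logging with the offered Origin.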
