Apeman ID71 Cross-Site Scripting Vulnerability in Alias Management

Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in the Apeman ID71 camera, running firmware version EN75.8.53.20. The issue arises in the '/set_alias.cgi' file, where the 'alias' parameter is not properly sanitized before being output as a JavaScript string. This flaw allows authenticated users to inject malicious scripts that could be executed in the context of other users' browsers, potentially leading to session hijacking and unauthorized actions within their accounts.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the affected page. This could result in session hijacking and unauthorized actions being performed in the victim's account.

Reproduction

To reproduce this vulnerability, an authenticated user must send a request to '/set_alias.cgi' with a crafted 'alias' parameter that includes a script payload, such as a JavaScript alert. After the alias is set, the user can retrieve the stored value using '/get_status.cgi', which will reflect the injected script payload, demonstrating the successful exploitation of the XSS vulnerability.
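The missing control is output encoding for the JavaScript string context. The following is an added example, not the vendor's firmware code or a published fix: a C routine that escapes an alias before it is written into a script string. The `var alias="...";` response shape and the names `js_escape` and `emit_alias` are assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Escape `in` for a double-quoted JavaScript string literal. ASCII letters,
 * digits and " _-." pass through; every other ASCII byte becomes \xHH, so
 * quotes, backslashes, '<', '/' and newlines cannot end the literal or the
 * <script> block. UTF-8 bytes (>= 0x80) pass through, except U+2028/U+2029,
 * which older engines treat as line terminators. Returns the length written,
 * or -1 (with out emptied) if `out` is too small. */
int js_escape(const char *in, char *out, size_t outsz)
{
    static const char hex[] = "0123456789ABCDEF";
    size_t o = 0;
    if (outsz == 0)
        return -1;
    for (const unsigned char *p = (const unsigned char *)in; *p; p++) {
        char esc[7] = {0};
        if (p[0] == 0xE2 && p[1] == 0x80 && (p[2] == 0xA8 || p[2] == 0xA9)) {
            memcpy(esc, p[2] == 0xA8 ? "\\u2028" : "\\u2029", 6);
            p += 2;                    /* consume the 3-byte sequence */
        } else if (*p >= 0x80 || isalnum(*p) || strchr(" _-.", *p)) {
            esc[0] = (char)*p;         /* safe byte: copy through */
        } else {
            esc[0] = '\\'; esc[1] = 'x';
            esc[2] = hex[*p >> 4]; esc[3] = hex[*p & 15];
        }
        size_t n = strlen(esc);
        if (o + n + 1 > outsz) {       /* never emit a truncated escape */
            out[0] = '\0';
            return -1;
        }
        memcpy(out + o, esc, n);
        o += n;
    }
    out[o] = '\0';
    return (int)o;
}

/* Assumed response shape (not from the advisory): var alias="...";  */
int emit_alias(const char *alias, char *line, size_t linesz)
{
    char esc[256];
    if (js_escape(alias, esc, sizeof esc) < 0)
        return -1;                     /* reject over-long aliases */
    int n = snprintf(line, linesz, "var alias=\"%s\";", esc);
    return (n < 0 || (size_t)n >= linesz) ? -1 : n;
}
```

Encoding at output time also neutralizes aliases that were stored before the fix; validating length and character set when the alias is set is a useful second layer, not a replacement.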

Added: Oct 16, 2025, 4:24 PM
Updated: Oct 16, 2025, 4:24 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.4
exploitability: 6.3
remediation: 0.0
relevance: 0.8
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.