Logitech Media Server version 8.2.0 suffers from a cross site scripting vulnerability.
# Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)
# Shodan Dork: Search Logitech Media Server
# Date: 12.10.2021
# Exploit Author: Mert Das
# Vendor Homepage: www.logitech.com
# Version: 8.2.0
# Tested on: Windows 10, LinuxPOC:
1. Go to Settings / Interface tab
2. Add payload to Title section
3. Payload : "><img src=1 onerror=alert(1)>
4. Alert will popup
Related posts:
Jason Haddix Joins Flare As Field CISO
Police dismantle pirated TV streaming network that made $5.7 million
Teen with cerebral palsy devastated after students take his electric wheelchair, film themselves rid...
BianLian extortion group claims recent Air Canada breach
IT Pros May Use Cloud, But They Trust On-Prem More