Bug Hunting Stories: Schneider Electric & The Andover Continuum Web.Client
Common Information
Type Value
UUID 85aa6a17-52a4-4720-be39-d76a544651da
Fingerprint bdb18dd3c437ff85
Analysis status DONE
Considered CTI value 2
Text language
Published May 27, 2020, midnight
Added to db Dec. 18, 2024, 7:34 p.m.
Last updated Dec. 23, 2024, 12:27 a.m.
Headline Bug Hunting Stories: Schneider Electric & The Andover Continuum Web.Client
Title Bug Hunting Stories: Schneider Electric & The Andover Continuum Web.Client
Detected Hints/Tags/Attributes 56/1/27
Attributes
Details Type #Events CTI Value
Details CVE 1
cve-2020-7480
Details CVE 1
cve-2020-7481
Details CVE 1
cve-2020-7482
Details Domain 7
vulnerable.com
Details Domain 1
andovercontrols.com
Details Domain 36
schemas.xmlsoap.org
Details Domain 94
attacker.com
Details Domain 4
www.se.com
Details Domain 137
portswigger.net
Details Domain 5
www.notsosecure.com
Details File 1
acdev.asmx
Details File 36
schemas.xml
Details File 62
win.ini
Details File 1
ping.aspx
Details File 1
reporteditor.aspx
Details Url 1
https://vulnerable.com/webclient/acdev.asmx
Details Url 1
http://andovercontrols.com/pyramid/acdevservices/processrequest
Details Url 28
http://schemas.xmlsoap.org/soap/envelope
Details Url 1
http://andovercontrols.com/pyramid/acdevservices
Details Url 1
http://attacker.com/evil.dtd
Details Url 1
http://attacker.com/?file=%file
Details Url 1
https://vulnerable.com/acccommon/ping.aspx?user=1&webclientname=2&vd=3
Details Url 1
https://vulnerable.com/acccommon/reporteditor.aspx?cmd=view&ext=true&idh
Details Url 1
https://www.se.com/ww/en/download/document/sevd-2020-070-04
Details Url 2
https://portswigger.net/web-security/xxe
Details Url 5
https://portswigger.net/web-security/cross-site-scripting
Details Url 1
https://www.notsosecure.com/oob-exploitation-cheatsheet