CVE-2017-9387

Name of the Vulnerable Software and Affected Versions Vera VeraEdge version 1.7.19 Vera Veralite version 1.7.481

Description An issue was discovered in Vera devices, where a shell script called relay.sh logs parameters to a file called log.relay in the /tmp folder. These logs can be read by a user using a script called log.sh, which displays the logs with content-type text/html and passes them through the ansi2html binary to convert character text, including HTML meta-characters, for display in the browser. This allows an attacker to store an XSS payload in the log files, enabling the payload when a user navigates to the log.sh script and allowing the attacker to execute malicious code on the user's browser.

Recommendations For Vera VeraEdge version 1.7.19, consider disabling the log.sh script until a patch is available to prevent the execution of malicious payloads. For Vera Veralite version 1.7.481, restrict access to the log.relay file in the /tmp folder to minimize the risk of exploitation. As a temporary workaround, avoid using the log.sh script until the issue is resolved.