Raffaella Robles

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct version 22 **Description** A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the "/netact/sct" dir parameter in conjunction with the `operation`=`upload` value. **Recommendations** For Nokia NetAct version 22, restrict access to the "/netact/sct" endpoint to prevent arbitrary file uploads until a patch is available. As a temporary workaround, consider disabling the file upload functionality in the Site Configuration Tool section to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct version 22 **Description** An issue was discovered in the Site Configuration Tool website section, where a malicious user can change the filename of an uploaded file to include JavaScript code. This code is then stored and executed by a victim's web browser. The most common mechanism for delivering malicious content is to include it as a parameter in a URL that is posted publicly or e-mailed directly to victims. The API endpoint "/netact/sct" with the `filename` parameter is used for this purpose. **Recommendations** For Nokia NetAct version 22, consider disabling the ability to upload files through the Site Configuration Tool website section until a patch is available. Restrict access to the "/netact/sct" API endpoint to minimize the risk of exploitation. Avoid using the `filename` parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct version 18A **Description** A malicious user can modify the filename of an uploaded file to include JavaScript code. This code is then stored and executed by a victim's web browser. The issue can be exploited by including malicious content as a parameter in a URL, which is then posted publicly or e-mailed to victims. Specifically, the `/netact/sct` API endpoint is used, with the `filename` parameter being vulnerable. **Recommendations** For Nokia NetAct version 18A, consider disabling the ability to upload files or restricting access to the `/netact/sct` API endpoint until a fix is available. Additionally, avoid using the `filename` parameter in the affected API endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Nokia NetAct version 18A **Description** A remote user, authenticated to the Nokia NetAct Web Page, can upload potentially dangerous files without restrictions. This is achieved by visiting the Site Configuration Tool web site section and using the `/netact/sct` API endpoint with the `dir` parameter in conjunction with the `operation=upload` value. **Recommendations** For Nokia NetAct version 18A, restrict access to the `/netact/sct` API endpoint to prevent arbitrary file uploads until a fix is available. As a temporary workaround, consider disabling the file upload functionality via the `operation=upload` value to minimize the risk of exploitation.