XSS in Kyocera Printer - ECOSYS M2640IDW

This post describes how a Cross-Site Scripting (XSS) vulnerability in the web panel of a Kyocera printer (ECOSYS M2640IDW) can be demonstrated.

[Figure: Kyocera web panel]

PoC - exploiting XSS on web panel

Without being authenticated, it is possible to add a new address in the “Machine Address Book”, a feature that lets users save frequently used destinations.

[Figure: adding a new address in the “Machine Address Book”]

Inserting the XSS payload in the “Name” field and saving the address makes it possible to observe the result of the attack: the stored payload is rendered when the address book is displayed.

[Figure: XSS payload entered in the “Name” field]

[Figure: XSS executing on the page]
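The two weaknesses the post shows are that the address book accepts writes without a session and that the “Name” value is later written into HTML unencoded. The following is an added example, not code from the post or from Kyocera's firmware: a hypothetical rendering routine for an address-book row in its vulnerable and hardened forms, plus a small handler that enforces authentication and input validation. The entry data, the handler name and the row template are constructed for illustration.

```python
import html
import re

# Constructed sample entry, not data from the post: the "Name" field carries markup.
SAMPLE_ENTRY = {"name": "<script>alert(1)</script>", "email": "user@example.com"}

# Hypothetical row template for the address-book listing page.
ROW_TEMPLATE = "<tr><td>{name}</td><td>{email}</td></tr>"


def render_row_vulnerable(entry):
    """Interpolates stored field values into HTML without encoding (the flaw the post describes)."""
    return ROW_TEMPLATE.format(name=entry["name"], email=entry["email"])


def render_row_hardened(entry):
    """Output encoding for the HTML text context: every untrusted value is escaped before interpolation."""
    return ROW_TEMPLATE.format(
        name=html.escape(entry["name"], quote=True),
        email=html.escape(entry["email"], quote=True),
    )


def contains_active_markup(rendered):
    """Detection check for a regression test: True when the rendered HTML still holds a raw
    script tag or an inline event-handler attribute coming from an untrusted value."""
    return re.search(r"<\s*script\b|\bon\w+\s*=", rendered, re.IGNORECASE) is not None


def validate_name(name, max_len=32):
    """Input-side control that complements output encoding: a display name is plain text
    of bounded length (letters, digits, space, dot, apostrophe, hyphen, underscore)."""
    if not (1 <= len(name) <= max_len):
        return False
    return re.fullmatch(r"[\w .'\-]+", name) is not None


def handle_add_address(entry, authenticated):
    """Hypothetical handler for the 'add address' action: require a session before accepting
    a write to the address book, reject names that are not plain text, and only ever render
    the escaped form. Returns (status_code, rendered_row)."""
    if not authenticated:
        return 401, ""
    if not validate_name(entry["name"]):
        return 400, ""
    return 200, render_row_hardened(entry)


if __name__ == "__main__":
    print("vulnerable:", render_row_vulnerable(SAMPLE_ENTRY))
    print("hardened:  ", render_row_hardened(SAMPLE_ENTRY))
    print("unauthenticated write:", handle_add_address(SAMPLE_ENTRY, authenticated=False))
```

Output encoding is the control that removes the XSS regardless of what was stored; the name validation and the authentication check reduce the attack surface further but are not substitutes for it, since other write paths (SNMP, import files, admin tools) may populate the same field.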
