SolusVM – Edit DNS Stored XSS Vulnerability (R911-0180)

Type: Stored XSS
Location: Remote
Impact: Low
Product: SolusVM
Vulnerable Version: 1.16.10
Fixed Version: 1.16.11
CVE: -
R911: 0180
Date: 2015-06-13
By: RACK911 Labs

[B]Product Description:

Solus Virtual Manager (SolusVM) is a powerful GUI based VPS management system with full OpenVZ, Linux KVM, Xen Paravirtualization and Xen HVM support. SolusVM allows you and your clients to manage a VPS cluster with security & ease.

[B]Vulnerability Description:

Because user input is not sanitized, a malicious user can embed HTML within the Edit DNS feature (PowerDNS). The injected markup is stored with the DNS data and rendered back to other users of the panel, which turns it into a stored cross-site scripting (XSS) vulnerability.

We rate this vulnerability as LOW because the DEFAULT settings include protections that reduce the risk of an admin-level compromise.
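The pattern behind this class of bug, and the fix that the vendor's patch would have to apply, is shown below as an added illustration. This is not SolusVM's code and does not reproduce the actual vulnerable page; it is a standalone Python sketch of a hypothetical "Edit DNS" record listing. The record values are constructed sample data. The point it makes beyond the text above: a TXT record may legitimately contain characters such as < and >, so rejecting angle brackets at input time is the wrong fix, and output encoding at render time is what actually removes the XSS. Record names, which do have a defined grammar, can additionally be validated server-side.

```python
import html
import re

# Constructed sample DNS records, as a user might submit them through a
# hypothetical "Edit DNS" form. The third one carries the payload. The SPF
# record shows why input filtering alone is wrong: TXT content is free-form.
SAMPLE_RECORDS = [
    {"name": "www.example.com", "type": "A", "content": "192.0.2.10"},
    {"name": "example.com", "type": "TXT",
     "content": '"v=spf1 include:_spf.example.net -all"'},
    {"name": "evil.example.com", "type": "TXT",
     "content": "<script>alert(document.domain)</script>"},
]

# Simplified hostname grammar: labels of up to 63 characters made of letters,
# digits, hyphen and underscore (underscore allows service labels such as
# _dmarc), joined by dots, 253 characters overall. Not a full RFC 1035 parser.
_LABEL = r"[a-z0-9_](?:[a-z0-9_-]{0,61}[a-z0-9_])?"
_HOSTNAME_RE = re.compile(rf"(?:{_LABEL}\.)*{_LABEL}", re.IGNORECASE)


def is_valid_hostname(name):
    """Server-side validation for the record *name* field, where a grammar
    exists. Anything containing markup characters fails here."""
    return len(name) <= 253 and _HOSTNAME_RE.fullmatch(name) is not None


def render_vulnerable(records):
    """Builds the record table by concatenating stored values verbatim.
    This is the unsafe pattern: whatever was stored is emitted as HTML, so a
    stored <script> runs in the browser of every user who views the page."""
    rows = "".join(
        f"<tr><td>{r['name']}</td><td>{r['type']}</td><td>{r['content']}</td></tr>"
        for r in records
    )
    return f"<table>{rows}</table>"


def render_hardened(records):
    """Same table, but every stored value is HTML-entity-encoded at output.
    html.escape() encodes & < > " and ', which is sufficient for text placed
    inside an element body or a quoted attribute value."""
    rows = "".join(
        "<tr><td>{}</td><td>{}</td><td>{}</td></tr>".format(
            html.escape(r["name"]), html.escape(r["type"]), html.escape(r["content"])
        )
        for r in records
    )
    return f"<table>{rows}</table>"


def contains_raw_script(markup):
    """Crude check used when demonstrating the two renderers: does the
    generated HTML still contain an un-encoded <script tag?"""
    return "<script" in markup.lower()


if __name__ == "__main__":
    print("vulnerable output executes payload:",
          contains_raw_script(render_vulnerable(SAMPLE_RECORDS)))
    print("hardened output executes payload:",
          contains_raw_script(render_hardened(SAMPLE_RECORDS)))
    for r in SAMPLE_RECORDS:
        print(r["name"], "valid name:", is_valid_hostname(r["name"]))
    print("name with markup valid:", is_valid_hostname("<b>x</b>.example.com"))
```

Note that `evil.example.com` passes name validation; the payload sits in the content field, which has no grammar that would let a server reject it. Only the output-encoding step in `render_hardened` neutralises it, and the legitimate SPF record survives that step unchanged in meaning (its quotes become `&quot;` in the markup and are displayed as quotes).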

[B]Vulnerable Version:

This vulnerability was tested against SolusVM 1.16.10 and is believed to exist in all versions prior to the fixed build listed below.

[B]Fixed Version:

This vulnerability was patched in SolusVM 1.16.11.

[B]Vendor Contact Timeline:

2015-06-10: Vendor contacted via email.
2015-06-10: Vendor confirms vulnerability.
2015-06-11: Vendor issues updates to all builds.
2015-06-13: RACK911 Labs issues security advisory.