We have been researching various aspects of SNMP for over the past 24 months, ranging from SNMP-leveraged data extraction techniques to attacking systems that rely heavily on SNMP data streams. We formed a hypothesis that a malicious actor might be able to deliver persistent XSS via SNMP data fields to a web-based management console, and NMSs appeared to be ideal target candidates for this line of research, given the way they operate.
Download and read the full report to learn about our key findings, including:
This Rapid7 report explores attacking Network Management Systems (NMSs) over the Simple Network Management Protocol (SNMP), a protocol used extensively by NMSs to manage and monitor a wide variety of networked devices. Three distinct attack vectors are explored: