CVE-2024-45177 identifies a persistent cross-site scripting (XSS) vulnerability in the za-internet C-MOR Video Surveillance software, specifically versions 5.2401 and 6.00PL01. The root cause is insufficient input validation in the camera configuration module of the web interface, which allows an attacker to inject malicious JavaScript code that remains stored and executed whenever the affected interface is accessed. Persistent XSS differs from reflected XSS in that the malicious payload is saved on the server side, increasing the attack's persistence and potential impact. The vulnerability requires an attacker with low privileges (PR:L) to perform the attack and some user interaction (UI:R), such as an administrator or authorized user accessing the compromised configuration page. The CVSS vector indicates the attack can be performed remotely over the network (AV:N) with low attack complexity (AC:L), and it affects confidentiality and integrity but not availability. Exploiting this vulnerability could allow attackers to steal session tokens, manipulate surveillance settings, or perform actions on behalf of legitimate users, potentially undermining the security and privacy of monitored environments. No patches or mitigations have been officially released at the time of publication, and no known exploits have been observed in the wild. The vulnerability is classified under CWE-79, which covers improper neutralization of input leading to XSS.

The persistent XSS vulnerability in C-MOR Video Surveillance software can have significant consequences for organizations relying on these systems for security monitoring. Successful exploitation could enable attackers to hijack user sessions, escalate privileges, or alter camera configurations, potentially disabling or manipulating surveillance feeds. This undermines the integrity and confidentiality of video surveillance data, which is critical for physical security, incident investigation, and compliance. Organizations in sectors such as critical infrastructure, government, transportation, and large enterprises that deploy C-MOR systems are particularly at risk. The attack does not directly impact system availability but can facilitate further attacks or unauthorized access. Given the web interface nature, attackers could also use this vulnerability as a foothold for lateral movement within the network. The lack of patches increases exposure, especially in environments where web interface access is not tightly controlled.

To mitigate CVE-2024-45177, organizations should immediately restrict access to the C-MOR web interface using network segmentation, VPNs, or IP whitelisting to limit exposure to trusted administrators only. Implement strict input validation and sanitization on all user-supplied data in the camera configuration interface, ideally by applying context-aware encoding to neutralize script injection attempts. Until an official patch is available, consider deploying web application firewalls (WAFs) with custom rules to detect and block XSS payloads targeting the C-MOR interface. Conduct regular security audits and penetration testing focused on the surveillance system's web components. Educate administrators on the risks of clicking untrusted links or entering suspicious data in the configuration interface. Monitor logs for unusual activity indicative of attempted XSS exploitation. Finally, maintain close communication with the vendor for timely updates and patches.