CVE-2025-2609 Scanner - Cross-Site Scripting (XSS) vulnerability in MagnusBilling
Short Info
Level
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 19 days
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
MagnusBilling is a billing software developed by MagnusSolution, commonly used in telecommunication companies to manage billing operations. It is utilized by businesses requiring comprehensive billing solutions, including VoIP services. The software streamlines the handling of call data records and provides functionalities to manage user accounts and billing details. MagnusBilling's advanced features make it popular among both small enterprises and larger corporations needing scalable solutions. Its web-based interface allows easy access and management by administrative users remotely. The software is continuously updated to incorporate new features and address any known issues.
Cross-Site Scripting (XSS) is a vulnerability that allows attackers to inject malicious scripts into web pages viewed by others. In the context of MagnusBilling, this vulnerability lets unauthenticated users store HTML content within its login logging component. This can result in unauthorized script execution when administrators view these logs within the application. Such attacks can be used to steal cookies, session tokens, or even redirect users to malicious sites. The intent behind exploiting this vulnerability is often to manipulate or disrupt the web application's normal functionality. Addressing XSS vulnerabilities is crucial to maintaining web application security and user trust.
This is a stored XSS caused by improper input neutralization in MagnusBilling, reachable through the log view at the URL /mbilling/index.php/logUsers/read. Because input is not adequately sanitized, attackers can inject script tags into log data. The affected input is the content stored in log entries, which becomes executable when rendered in the administrative interface. Attackers exploit this by using crafted payloads such as <img src=x onerror=alert(document.domain)>, triggering JavaScript execution when the logs are accessed. This issue resides in the MagnusLog.php component, affecting users of MagnusBilling versions through 7.3.0. The system's failure to validate or escape user input before storage leads to this vulnerability.
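The following added example (not MagnusBilling code and not part of the scanner) shows the two defensive steps the paragraph above implies: escaping every log field when it is rendered, and triaging already-stored entries for markup. The record layout (id, username, ip, description) and the field the payload lands in are assumptions made for illustration.

```javascript
// Added example, not MagnusBilling code. The record fields used here
// (id, username, ip, description) are assumed for illustration.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Neutralize HTML metacharacters so stored text is displayed, never parsed.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render one log record as a table row, escaping every field at output time.
function renderLogRow(entry) {
  const cells = ['username', 'ip', 'description']
    .map((field) => `<td>${escapeHtml(entry[field] ?? '')}</td>`);
  return `<tr>${cells.join('')}</tr>`;
}

// Triage heuristic: a tag opener, an inline event handler, or a javascript: URL.
const MARKUP = /<\s*\/?\s*[a-z!]|\bon[a-z]+\s*=|javascript:/i;

// Return the ids of stored entries whose string fields contain markup.
function findSuspiciousEntries(entries) {
  return entries
    .filter((e) => Object.values(e).some((v) => typeof v === 'string' && MARKUP.test(v)))
    .map((e) => e.id);
}

// Constructed sample records; entry 2 carries the payload quoted on this page.
const sampleLog = [
  { id: 1, username: 'admin', ip: '192.0.2.10', description: 'Login OK' },
  { id: 2, username: '<img src=x onerror=alert(document.domain)>',
    ip: '198.51.100.7', description: 'Username or password is wrong' },
  { id: 3, username: "o'brien & co", ip: '192.0.2.11', description: 'Login OK' },
];

console.log('Entries to review:', findSuspiciousEntries(sampleLog));
console.log(renderLogRow(sampleLog[1]));
```

Escaping at output time is the actual fix; the triage pass only helps an asset owner find entries that were stored before the fix was in place.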
Exploiting this XSS vulnerability can lead to significant security risks, including unauthorized access to sensitive information. Attackers could capture session cookies leading to account hijacking or escalate their privileges within the application. Additionally, they might inject redirects to phishing sites or display false content to other users. This could harm the company's reputation and expose customers to targeted attacks. Organizations using vulnerable versions might also experience data breaches or loss of confidential information. Effective remediation is necessary to protect against potential misuse and ensure the integrity of web applications.