This allows a threat actor to host / run arbitrary client side code (cross-site scripting) in a user's browser when browsing the vulnerable subdomain. This is a security issue with a self-hosted interactsh server in which the user may not have configured a web client but still have a CNAME entry pointing to GitHub pages, making them vulnerable to subdomain takeover.
Domains configured with interactsh server prior to version 1.0.0 were vulnerable to subdomain takeover for a specific subdomain, i.e `app.` Interactsh server used to create cname entries for `app` pointing to `` as default, which intended to used for hosting interactsh web client using GitHub pages. Interactsh is an open-source tool for detecting out-of-band interactions. An attacker running these commands could reveal sensitive information such as software versions and web server file contents. The affected TBox RTUs are missing authorization for running some API commands. This vulnerability has been patched in version 4.0.3. This was tested in docker-compose environment.
Cross site scripting (XSS) injection can be done via the account/service field. 2FA is a Web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes.
