NethServer 7.3.1611 (create.json) CSRF Create User And Enable SSH Access
Title: NethServer 7.3.1611 (create.json) CSRF Create User And Enable SSH Access
Advisory ID: ZSL-2017-5433
Type: Local/Remote
Impact: Cross-Site Scripting, System Access
Risk: (4/5)
Release Date: 29.08.2017
Summary
NethServer is an operating system for the Linux enthusiast, designed for small offices and medium enterprises. It's simple, secure and flexible.
Description
The application interface allows users to perform certain actions via HTTP requests without any check that the requests were intentionally issued by them. This can be exploited to perform actions with administrative privileges if a logged-in user visits a malicious web site.
Vendor
NethServer.org - https://www.nethserver.org
Affected Version
7.3.1611-u1-x86_64
Tested On
Kernel 3.10.0.-514.el7.x86_64 on an x86_64
CentOS Linux 7.3.1611 (Core)
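A server-side check of the kind whose absence the Description reports, written here as an added example (not NethServer's own code): a state-changing request to the create.json action is accepted only when it carries a same-origin Origin or Referer header and an anti-CSRF token bound to the logged-in session. The host name, the /create.json path and all request values are constructed for the example.

```python
# Added example (not NethServer's code): anti-CSRF validation for a
# state-changing action such as create.json. Host, path and values are constructed.
import hmac
import secrets
from urllib.parse import urlsplit

TRUSTED_HOST = "nethserver.example"   # assumed server-manager host
PROTECTED_PATHS = {"/create.json"}    # assumed path of the user-creation action
STATE_CHANGING = {"POST", "PUT", "DELETE"}


def issue_token(session):
    """Bind a fresh random anti-CSRF token to the logged-in session."""
    session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def origin_allowed(headers):
    """Same-origin check on Origin, falling back to Referer. A state-changing
    request that carries neither header is rejected rather than trusted."""
    source = headers.get("Origin") or headers.get("Referer")
    return bool(source) and urlsplit(source).netloc == TRUSTED_HOST


def validate_state_change(method, path, headers, form, session):
    """Return (accepted, reason) for one request. Safe methods and unprotected
    paths pass; protected actions need a same-origin source and a token that
    matches the one bound to the session (constant-time comparison)."""
    if method not in STATE_CHANGING or path not in PROTECTED_PATHS:
        return True, "not a protected state change"
    if not origin_allowed(headers):
        return False, "origin mismatch"
    expected = session.get("csrf_token")
    supplied = form.get("csrf_token", "")
    if not expected or not hmac.compare_digest(expected, supplied):
        return False, "missing or invalid csrf token"
    return True, "ok"


def demo():
    """Constructed scenario: a legitimate same-origin submission versus a
    forged cross-site submission riding the same authenticated session."""
    session = {"user": "admin"}
    token = issue_token(session)
    legit = validate_state_change(
        "POST", "/create.json", {"Origin": "https://nethserver.example"},
        {"username": "newuser", "csrf_token": token}, session)
    forged = validate_state_change(
        "POST", "/create.json", {"Origin": "https://third-party.example"},
        {"username": "newuser"}, session)
    return legit, forged
```

Both checks are needed together: the token defeats a forged form the browser submits with the victim's cookies, and the origin check rejects requests that carry no usable source header at all.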
Vendor Status
N/A
PoC
nethserver_csrf.html
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] https://packetstormsecurity.com/files/143944
[2] https://cxsecurity.com/issue/WLB-2017080192
[3] https://www.exploit-db.com/exploits/42580/
[4] https://exchange.xforce.ibmcloud.com/vulnerabilities/131252
Changelog
[29.08.2017] - Initial release
[01.09.2017] - Added reference [4]
Contact
Zero Science Lab
Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk