
NethServer 7.3.1611 (create.json) CSRF Create User And Enable SSH Access

Severity: High
Advisory ID: ZSL-2017-5433
Release Date: 29 August 2017
Vendor:
Affected Version: 7.3.1611-u1-x86_64
CVE: N/A
Tested On: Kernel 3.10.0-514.el7.x86_64 on an x86_64, CentOS Linux 7.3.1611 (Core)
Summary

NethServer is an operating system for the Linux enthusiast, designed for small offices and medium enterprises. It's simple, secure and flexible.

Description

The application interface allows users to perform certain actions via HTTP requests without any validity check (such as an anti-CSRF token or origin check) to verify that the request was intentionally issued by the user. This can be exploited to perform those actions with administrative privileges if a logged-in user visits a malicious web site.
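The missing check described above is, in defensive terms, anti-CSRF validation on a state-changing endpoint. The following is an added illustration, not code from the advisory or from NethServer: a hypothetical request validator that rejects a request unless its Origin (or Referer) matches the application's own origin and the body carries a session-bound token. The host name, key and field names are constructed placeholders.

```python
import hmac
import hashlib
from typing import Dict, Tuple
from urllib.parse import urlparse

# Constructed placeholder: the origin the administrative UI is served from.
ALLOWED_ORIGIN = "https://nethserver.example"


def issue_csrf_token(session_id: str, server_key: bytes) -> str:
    """Synchronizer-style token bound to the session via HMAC (assumed design).

    The server hands this value to its own pages; a page on another origin
    cannot read it, so it cannot forge a request that carries it.
    """
    return hmac.new(server_key, session_id.encode(), hashlib.sha256).hexdigest()


def check_state_changing_request(headers: Dict[str, str], body: Dict[str, str],
                                 session_id: str, server_key: bytes) -> Tuple[bool, str]:
    """Return (allowed, reason) for a request to an action endpoint.

    Two independent checks: the browser-set Origin/Referer header must name
    our own origin, and the request must present the token bound to this
    session. A cross-site form post fails both.
    """
    origin = headers.get("Origin") or headers.get("Referer")
    if origin is None:
        return False, "missing Origin/Referer header"
    parsed = urlparse(origin)
    if f"{parsed.scheme}://{parsed.netloc}" != ALLOWED_ORIGIN:
        return False, f"cross-site request from {parsed.netloc}"

    supplied = str(body.get("csrf_token") or "")
    expected = issue_csrf_token(session_id, server_key)
    # Constant-time comparison so the check itself leaks nothing about the token.
    if not hmac.compare_digest(supplied, expected):
        return False, "missing or invalid csrf token"
    return True, "ok"


if __name__ == "__main__":
    key = b"constructed-server-key"            # constructed sample key
    sid = "session-abc"                        # constructed sample session id
    # Constructed sample: a forged form post from a third-party page.
    print(check_state_changing_request({"Origin": "https://attacker.example"},
                                       {"username": "x"}, sid, key))
    # Constructed sample: the legitimate UI sends the session-bound token.
    print(check_state_changing_request({"Origin": ALLOWED_ORIGIN},
                                       {"csrf_token": issue_csrf_token(sid, key)}, sid, key))
```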

Proof of Concept
Disclosure Timeline: N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
29.08.2017: Initial release
01.09.2017: Added reference [4]