
SharpLynx v9.2.3 Insecure File Permissions

Medium
Advisory ID
ZSL-2018-5456
Release Date
02 April 2018
Vendor
Lynx Software Pty Ltd. - https://www.sharplynx.com
Affected Version
9.02.0003
CVE
N/A
Tested On
Microsoft Windows 7 Professional SP1 (EN)
Summary

Back Office Software for Sharp POS Terminals. Catering for the needs of retail and hospitality businesses, SharpLynx has been developed as a modular software solution with options from simple program management and sales analysis through to multi-location stock control.

Description

SharpLynx suffers from an elevation of privileges vulnerability: an ordinary authenticated user can replace the executable file with a binary of their choice. The vulnerability exists because of improper permissions, with the 'C' flag (Change) granted to the 'Authenticated Users' group.
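
An added example, not part of the original advisory: a defender-side audit that parses `cacls` output for an executable and reports any ACE giving a broad group the Write, Change or Full right described above. The file path, the sample output and the list of broad groups are constructed assumptions.

```python
import re

# cacls.exe right letters: N none, R read, W write, C change, F full control
WRITABLE = {"W", "C", "F"}
# Assumption: groups that contain ordinary, non-administrative accounts
BROAD = {"everyone", "authenticated users", "users", "interactive"}

# principal ':' optional inheritance flags such as (OI)(CI) ':' one right letter
ACE = re.compile(r"^(?P<who>.+?):(?P<flags>(?:\([A-Z]+\))*)(?P<right>[NRWCF])$")

def parse_cacls(path, output):
    """Return [(principal, flags, right)] parsed from `cacls <path>` output."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        # The first line starts with the path itself; drop it before matching.
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()
        m = ACE.match(line)
        if m:
            aces.append((m["who"], m["flags"], m["right"]))
    return aces

def risky_aces(path, output):
    """ACEs that let a broad group modify or replace the file."""
    findings = []
    for who, _flags, right in parse_cacls(path, output):
        group = who.split("\\")[-1].lower()  # strip the domain/authority part
        if group in BROAD and right in WRITABLE:
            findings.append((who, right))
    return findings

# Constructed sample: placeholder path, not the product's real install path.
SAMPLE_PATH = r"C:\ExampleApp\app.exe"
WEAK = r"""C:\ExampleApp\app.exe BUILTIN\Administrators:F
                      NT AUTHORITY\SYSTEM:F
                      BUILTIN\Users:R
                      NT AUTHORITY\Authenticated Users:C
"""
# Same file after the Change ACE has been removed (constructed).
FIXED = r"""C:\ExampleApp\app.exe BUILTIN\Administrators:F
                      NT AUTHORITY\SYSTEM:F
                      BUILTIN\Users:R
"""

if __name__ == "__main__":
    for name, out in (("weak", WEAK), ("fixed", FIXED)):
        print(name, risky_aces(SAMPLE_PATH, out))
```
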

Proof of Concept
Disclosure Timeline
27.03.2018 Vulnerability discovered.
28.03.2018 Vendor contacted.
01.04.2018 No response from the vendor.
02.04.2018 Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
02.04.2018 Initial release
08.04.2018 Added reference [1] and [2]
16.04.2018 Added reference [3]