
up.time 7.5.0 Superadmin Privilege Escalation Exploit

2015-08-19 19:35
Title: up.time 7.5.0 Superadmin Privilege Escalation Exploit
Advisory ID: ZSL-2015-5251
Type: Local/Remote
Impact: Privilege Escalation
Risk: (4/5)
Release Date: 19.08.2015
Summary
The next-generation of IT monitoring software.
Description
up.time suffers from a privilege escalation issue. A normal (non-administrative) user can elevate his/her privileges by sending a POST request that sets the parameter 'userroleid' to 1, the superadmin role; the application applies the client-supplied role without checking that the caller is authorized to change it. Because the request is accepted without any anti-CSRF protection, an attacker can also exploit this issue through cross-site request forgery, submitting the same POST from a third-party page on behalf of a logged-in user.
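The pattern behind this advisory is a profile-update handler that mass-assigns every posted field, including the role, onto the current user's record, with no CSRF token tying the request to the user's own intent. The Python model below is an added illustration written for this page, not up.time's code: the only facts taken from the advisory are the parameter name 'userroleid' and that the value 1 is the superadmin role. The handler names, session layout, the unprivileged role id 3, the allow-list of self-service fields and the CSRF token scheme are all hypothetical. The vulnerable handler sits beside a hardened one that allow-lists fields, decides the role change from the server-side session rather than the request body, and requires a per-session CSRF token.

```python
"""Model of the privilege escalation pattern in ZSL-2015-5251.

Added illustrative code, not up.time's code. From the advisory: the POST
parameter 'userroleid' and the superadmin role id 1. Everything else
(handler names, session layout, role id 3, allowed fields, CSRF scheme)
is an assumption made for this example.
"""
import hmac
import secrets

SUPERADMIN_ROLE_ID = 1   # from the advisory: userroleid=1 grants superadmin
NORMAL_ROLE_ID = 3       # hypothetical id for an unprivileged role

# Hypothetical allow-list: the only fields a user may change on their own profile.
ALLOWED_SELF_SERVICE_FIELDS = {"fullname", "email", "password"}


def is_superadmin(user):
    """Role check done against the server-side user record, never the request."""
    return int(user["userroleid"]) == SUPERADMIN_ROLE_ID


def vulnerable_update_profile(session, post):
    """Vulnerable pattern: copy every posted field onto the user record.

    A normal user who adds userroleid=1 to the POST body becomes superadmin.
    Nothing ties the request to the user's intent (no CSRF token), so a
    third-party page can submit the same form on behalf of a logged-in user.
    """
    user = session["user"]
    for field, value in post.items():
        user[field] = value              # mass assignment, including userroleid
    return {"status": "ok", "role": user["userroleid"]}


def hardened_update_profile(session, post):
    """Hardened pattern: CSRF token, field allow-list, server-side authorization."""
    user = session["user"]

    # 1. CSRF: the token must match the one issued to this session.
    #    A forged cross-site POST cannot read the victim's token, so it fails here.
    token = post.get("csrf_token", "")
    if not hmac.compare_digest(token, session.get("csrf_token", "")):
        return {"status": "error", "reason": "csrf"}

    # 2. Role changes are authorized from the caller's stored role, not the body.
    if "userroleid" in post and not is_superadmin(user):
        return {"status": "error", "reason": "forbidden"}

    # 3. Only allow-listed fields are copied; unknown fields are ignored.
    for field, value in post.items():
        if field in ALLOWED_SELF_SERVICE_FIELDS:
            user[field] = value
    if "userroleid" in post:                 # reached only by a superadmin
        user["userroleid"] = int(post["userroleid"])

    return {"status": "ok", "role": user["userroleid"]}


def new_session(role_id):
    """Construct a hypothetical logged-in session for a user with the given role."""
    return {
        "user": {"username": "alice", "email": "alice@example.com",
                 "userroleid": role_id},
        "csrf_token": secrets.token_hex(16),
    }


def escalation_attempt(handler, with_token=True):
    """Replay the advisory's request: a normal user POSTs userroleid=1.

    with_token=False models the cross-site case, where the attacker's page
    can make the victim's browser send the POST but cannot include the token.
    Returns (handler result, whether the user ended up superadmin).
    """
    session = new_session(NORMAL_ROLE_ID)
    post = {"email": "alice@example.com", "userroleid": "1"}   # constructed body
    if with_token:
        post["csrf_token"] = session["csrf_token"]
    result = handler(session, post)
    return result, is_superadmin(session["user"])


if __name__ == "__main__":
    print("vulnerable:", escalation_attempt(vulnerable_update_profile))
    print("hardened:  ", escalation_attempt(hardened_update_profile))
    print("hardened, forged cross-site POST:",
          escalation_attempt(hardened_update_profile, with_token=False))
```

The two checks are independent on purpose: the allow-list plus server-side role check closes the escalation even for an authenticated attacker who has a valid token, while the token stops a forged cross-site POST before any field is touched. Fixing only one of them leaves the other attack path open.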
Vendor
Idera Inc. - http://www.uptimesoftware.com
Affected Version
7.5.0 (build 16) and 7.4.0 (build 13)
Tested On
Jetty, PHP/5.4.34, MySQL
Apache/2.2.29 (Win64) mod_ssl/2.2.29 OpenSSL/1.0.1j PHP/5.4.34
Vendor Status
[29.07.2015] Vulnerability discovered.
[06.08.2015] Vendor contacted.
[18.08.2015] No response from the vendor.
[19.08.2015] Public security advisory released.
PoC
uptime_pe.txt
Credits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>
References
[1] http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5254.php
Changelog
[19.08.2015] - Initial release
Contact
Zero Science Lab

Web: http://www.zeroscience.mk
e-mail: lab@zeroscience.mk


Source: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2015-5251.php
