Created
June 30, 2023 13:55
-
-
Save pedromonteirobb/a0584095b46141702c8cae0f3f1b6759 to your computer and use it in GitHub Desktop.
(CVE-2023-33274) SNMP Web Pro 1.1 Authorization Bypass
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. ADVISORY INFORMATION | |
| ======================= | |
| Product: SNMP Web Pro 1.1 | |
| Vendor URL: https://voltronicpower.com/ | |
| Type: Improper Access Control [CWE-284] | |
| Date found: 2023-05-12 | |
| Date published: 2023-06-30 | |
| CVSSv3 Score: 9.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) | |
| CVE: CVE-2023-33274 | |
| 2. CREDITS | |
| ========== | |
| This vulnerability was discovered and researched by Ph4nt0mByt3. | |
| 3. VERSIONS AFFECTED | |
| ==================== | |
| SNMP Web Pro 1.1 | |
| 4. INTRODUCTION | |
| =============== | |
| SNMP Web Pro 1.1 is a web interface to control UPS systems | |
| 5. VULNERABILITY DETAILS | |
| ======================== | |
| The web server allows make direct cgi requests without proper authorization, resulting in total control o UPS systems | |
| 6. PROOF OF CONCEPT | |
| ======================== | |
| Make a direct request to cgi endpoints to control over UPS. | |
| 7. SOLUTION | |
| ======================= | |
| Enable HTTP Basic to prevent direct cgi requests with strength user:pass | |
| 8. REFERENCES | |
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-33274 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment