Cyberoam UTM Multiple 'file' Local File Include Vulnerabilities
BID:53026
Info
| Bugtraq ID: | 53026 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 16 2012 12:00AM |
| Updated: | Apr 16 2012 12:00AM |
| Credit: | Benjamin Kunz Mejri |
| Vulnerable: | Elitecore Technologies Cyberoam UTM 10.01.2 build 059 |
| Not Vulnerable: | |
Discussion
Cyberoam UTM is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input.
An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the attacker to compromise the application and the computer; other attacks are also possible.
Cyberoam UTM 10.01.2 build 059 is vulnerable; other versions may also be affected.
Exploit / POC
Attackers can exploit these issues with a browser.
The following example URIs are available:
http://www.example.com/onlinehelp/wwhelp/wwhimpl/js/html/wwhelp.htm#context=Online_help&file=[LFI]../corporate/webpages/index.jsp
http://www.example.com/onlinehelp/wwhelp/wwhimpl/api.htm?context=Online_help&file=[LFI]../corporate/webpages/index.jsp
Exploit code is also available. Please see the references for information.
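As an added defensive example (not part of the advisory), the following Python flags access-log entries that request the help pages under /onlinehelp/wwhelp/wwhimpl/ with a 'file' parameter containing a traversal sequence, decoding repeatedly so percent-encoded variants are not missed. The log lines are constructed for the example; note that parameters placed after '#' in the first example URI are never sent by the browser, so only the api.htm query-string form can be matched in server-side logs.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (Common Log Format); not taken from the advisory.
SAMPLE_LOG = """\
10.0.0.5 - - [16/Apr/2012:10:01:02 +0000] "GET /onlinehelp/wwhelp/wwhimpl/api.htm?context=Online_help&file=toc.htm HTTP/1.1" 200 1812
10.0.0.9 - - [16/Apr/2012:10:01:07 +0000] "GET /onlinehelp/wwhelp/wwhimpl/api.htm?context=Online_help&file=../corporate/webpages/index.jsp HTTP/1.1" 200 5120
10.0.0.9 - - [16/Apr/2012:10:01:09 +0000] "GET /onlinehelp/wwhelp/wwhimpl/api.htm?context=Online_help&file=%252e%252e%252fcorporate%252fwebpages%252findex.jsp HTTP/1.1" 200 5120
10.0.0.7 - - [16/Apr/2012:10:02:00 +0000] "GET /corporate/webpages/index.jsp HTTP/1.1" 200 7000
"""

# Request line inside the quoted part of a CLF entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Path prefix of the affected help pages named in the advisory.
HELP_PREFIX = "/onlinehelp/wwhelp/wwhimpl/"

def decode_fully(value, max_rounds=3):
    """Percent-decode until stable so double-encoded traversal is not missed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(value):
    """True if a decoded 'file' value escapes the help directory."""
    decoded = decode_fully(value).replace("\\", "/")
    return decoded.startswith("/") or ".." in decoded.split("/") or "\x00" in decoded

def flag_lfi_requests(log_text):
    """Return (client_ip, decoded_file_value) for requests to the help pages
    whose 'file' parameter contains a traversal sequence."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group("target"))
        # Anything after '#' is a fragment the browser never sends, so only the
        # api.htm query-string variant from the advisory is visible server-side.
        if not url.path.startswith(HELP_PREFIX):
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("file", []):
            if is_traversal(value):
                hits.append((line.split()[0], decode_fully(value)))
    return hits
```

Running `flag_lfi_requests(SAMPLE_LOG)` reports both traversal attempts from 10.0.0.9 with the same decoded path, while the legitimate toc.htm request and the direct index.jsp request are ignored.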
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- Cyberoam UTM Homepage (Elitecore Technologies)
- Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities (Elitecore Technologies)