High-Tech Bridge Security Research Lab discovered CSRF vulnerability in UMI.CMS, which can be exploited to perform Cross-Site Request Forgery (CSRF) attacks and create new administrator in the vulnerable application.
Cross-site Request Forgery (CSRF) in UMI.CMS: CVE-2013-2754
The application allows authorized administrator to perform certain sensitive actions via HTTP requests without making proper validity checks to verify the source of these HTTP requests. This can be exploited to perform any actions with administrator privileges, such as adding new administrator to the system.
A remote attacker can create a specially crafted webpage, trick a logged-in administrator to open it and create new user with administrative privileges.
A basic CSRF exploit that will create new administrator with "csrfuser" as a login and "password" as a password provided in advisory.
Solution:
Fixed by Vendor, Upgrade to UMI.CMS 2.9 build 21905
Changelog: http://www.umi-cms.ru/support/changelog/ (task number 17390)
References:
[1] High-Tech Bridge Advisory HTB23151: Cross-Site Request Forgery (CSRF) in UMI.CMS.
[2] UMI.CMS - UMI.CMS is a fast and scalable content management system.
No comments:
Post a Comment