sajaljat / CVE-2023-46449


CVE-2023-46449

Incorrect Access Control

VIDEO POC LINK https://www.youtube.com/watch?v=H5QnsOKjs3s

Sourcecodester Free and Open Source Inventory Management System v1.0 is vulnerable to Incorrect Access Control. An arbitrary authenticated user can change the password of another user and take over that account via an IDOR in the password change function: the handler trusts the user id sent in the request instead of the id of the logged-in session.

STEPS TO REPRODUCE

1. Log in as user 1.
2. Visit the password change function.
3. Configure the browser to use Burp Suite as a proxy and turn on interception.
4. Submit the password change form, intercept the request, and change the user id parameter to the id of another user.
5. Forward the request and turn interception off.
6. Log in as the other user with the new password.
7. Observe that the account has been taken over.
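The following is an added example, not code from the Sourcecodester project: a minimal model of a password-change handler that reproduces the steps above against a vulnerable version (the target row is taken from the POST body) and against a hardened version (the target is the server-side session user, the current password is required, and a tampered id is rejected). The function names, the in-memory user table, the form field names (`id`, `current_password`, `new_password`) and the PBKDF2 storage are assumptions for illustration.

```python
"""Added example (not the project's own code): IDOR in a password-change
handler, modelled in plain Python, beside the hardened form of the handler.
All names, field names and the storage layout are assumptions."""
import hashlib
import hmac
import os
from dataclasses import dataclass


@dataclass
class User:
    user_id: int
    username: str
    salt: bytes
    pw_hash: bytes


@dataclass
class Session:
    # Set by the login handler on the server; the client cannot choose it.
    user_id: int


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(user_id: int, username: str, password: str) -> User:
    salt = os.urandom(16)
    return User(user_id, username, salt, _hash(password, salt))


def verify(user: User, password: str) -> bool:
    return hmac.compare_digest(user.pw_hash, _hash(password, user.salt))


# Constructed sample data: id 1 is the attacker, id 2 is the victim.
USERS = {}


def seed() -> None:
    USERS.clear()
    USERS[1] = make_user(1, "attacker", "attacker-pass")
    USERS[2] = make_user(2, "victim", "victim-pass")


def change_password_vulnerable(session: Session, form: dict) -> bool:
    """Trusts the id in the POST body, so any logged-in user can rewrite any
    row. This is the access-control mistake the advisory describes."""
    target = USERS[int(form["id"])]
    target.salt = os.urandom(16)
    target.pw_hash = _hash(form["new_password"], target.salt)
    return True


def change_password_fixed(session: Session, form: dict) -> bool:
    """Derives the target from the session, never from the request. A form id
    that disagrees with the session is never legitimate here, so it is refused
    (and is a useful thing to log as a tampering attempt). The current
    password is also required, which limits damage from a hijacked session."""
    if "id" in form and int(form["id"]) != session.user_id:
        return False
    target = USERS[session.user_id]
    if not verify(target, form.get("current_password", "")):
        return False
    target.salt = os.urandom(16)
    target.pw_hash = _hash(form["new_password"], target.salt)
    return True


def reproduce(handler) -> bool:
    """Replays the advisory's steps: log in as user 1, submit the form with the
    id tampered to 2, then check whether user 2 now has the attacker's
    password. Returns True when the account was taken over."""
    seed()
    attacker_session = Session(user_id=1)
    tampered_form = {
        "id": "2",                         # attacker's own id would be "1"
        "current_password": "attacker-pass",
        "new_password": "pwned",
    }
    handler(attacker_session, tampered_form)
    return verify(USERS[2], "pwned")


if __name__ == "__main__":
    print("vulnerable handler, takeover:", reproduce(change_password_vulnerable))
    print("fixed handler, takeover:     ", reproduce(change_password_fixed))
```

The fixed handler shows the two checks a reviewer would look for in a password-change endpoint: the subject of the change comes from server-side session state, and the caller must prove knowledge of the current password. Whether the real application passes the id as a query parameter, a form field or a hidden input does not change the fix.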

Affected Component: Password change functionality

Attack Type: Remote


CVE Impact: Other (Account Takeover)


Attack Vectors: The victim's user id is required, but user ids are sequential integers and are easily enumerated.


Reference: https://youtu.be/H5QnsOKjs3s


Discoverer: Sajal Jat
