CVE-2020-24765

Authentication Bypass Vulnerability in Mind Server version <= 3.13.65 allows any user to steal the self-diagnostic archive via a direct request.

CVSS v2: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVSS v2 Score (BS): 5

CVSS v3: (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVSS v3 Score (BS): 5.3

Information

Description: Authentication Bypass Vulnerability allows any user to steal the self-diagnostic archive via a direct request https://PWND.SITE/api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1. The archive contains copies of the main configuration files and event logs of Mind Server portal. An attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions; this may aid in launching further attacks.

Class: Design Error

Researcher: Vadim Golovanov (https://github.com/trump88/)

Issue date: 2020-07-06 (Initial Advisory)

Public release: 2020-10-08

Disclosure Link:

NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2020-24765

POC

An example of vector: the official site of Vendor

https://vcs.imind.ru/api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1

Screenshots:

trump88 / CVE-2020-24765

CVE-2020-24765

Information

POC

Screenshots:

About