H4Knet

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork eonweb versions 5.3-7 through 5.3-8 **Description** The issue is related to a SQL injection in the eonweb web interface, allowing an unauthenticated attacker to exploit the `username available` function of the includes/functions.php file, which is called by login.php. **Recommendations** For EyesOfNetwork eonweb versions 5.3-7 through 5.3-8, consider disabling the `username available` function in the includes/functions.php file as a temporary workaround until a patch is available. Restrict access to the login.php file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork versions 5.3 through 5.3-8 **Description** An issue allows an authenticated web user with sufficient privileges to abuse the AutoDiscovery module and run arbitrary OS commands. This is achieved via the `nmap binary` parameter to "lilac/autodiscovery.php" API endpoint. **Recommendations** For EyesOfNetwork versions 5.3 through 5.3-8, consider restricting access to the AutoDiscovery module and limiting the use of the `nmap binary` parameter in the "lilac/autodiscovery.php" API endpoint until a fix is available.

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork version 5.3 **Description** An issue allows an authenticated web user with sufficient privileges to abuse the AutoDiscovery module and run arbitrary OS commands via the "module/module frame/index.php autodiscovery.php" target field. **Recommendations** For EyesOfNetwork version 5.3, consider restricting access to the AutoDiscovery module until a patch is available. As a temporary workaround, avoid using the AutoDiscovery module to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** EyesOfNetwork version 5.3 **Description** The issue is related to the use of a hardcoded API key, `EONAPI KEY`, in the `include/api functions.php` file for API version 2.4.2. This allows an attacker to calculate or guess the admin access token, potentially leading to unauthorized access to protected information and privilege escalation. **Recommendations** For EyesOfNetwork version 5.3, consider changing the default API key `EONAPI KEY` to a unique value to prevent unauthorized access. As a temporary workaround, restrict access to the API endpoint that uses the hardcoded `EONAPI KEY` until a patch is available.