PT-2019-9847 · Webgalamb

Daniel Jones · Published 2019-03-17 · Updated 2019-10-03

CVE-2018-19515
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Webgalamb versions prior to 7.0

Description: The system/ajax.php functionality in Webgalamb is supposed to be restricted to administrators. However, unauthenticated users can reach most of its methods by supplying certain query parameters, specifically bgsend, atment sddd1xGz, or xls bgimport, because the endpoint dispatches on those parameters without first verifying an administrator session.

Recommendations: For Webgalamb versions prior to 7.0, restrict access to the system/ajax.php functionality so that unauthenticated users cannot invoke the methods reachable through the query parameters bgsend, atment sddd1xGz, or xls bgimport. Consider temporarily disabling these parameters until a patch is available.
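The root cause described above is a dispatcher that branches on request parameters before it has established who is calling. The following is an added example written for this page, not Webgalamb's own code, showing the shape of a fix: authenticate and authorize first, then dispatch only to an allow-list of handlers, and require a CSRF token for state-changing admin actions. The session keys, the `action` parameter, the handler names and the CSRF token storage are all assumptions; the real application's parameter layout differs.

```php
<?php
// Added example (hypothetical, not Webgalamb's code): an authorization gate
// for an admin-only AJAX dispatcher such as system/ajax.php.
declare(strict_types=1);

session_start();

// Authorization is evaluated BEFORE any request parameter is inspected, so no
// combination of query parameters can reach a handler without an admin session.
// The session keys 'user_id' and 'role' are assumptions.
function is_admin_session(): bool
{
    return isset($_SESSION['user_id'], $_SESSION['role'])
        && $_SESSION['role'] === 'admin';
}

function deny(int $status, string $message): void
{
    http_response_code($status);
    header('Content-Type: application/json');
    echo json_encode(['error' => $message]);
    exit;
}

if (!is_admin_session()) {
    deny(401, 'authentication required');
}

// Placeholder handlers standing in for the real admin methods (assumed names).
function handle_bgsend(): array   { return ['status' => 'queued']; }
function handle_bgimport(): array { return ['status' => 'imported']; }

// Explicit allow-list: anything not listed here is rejected, rather than
// relying on each handler to check privileges on its own.
$handlers = [
    'bgsend'   => 'handle_bgsend',
    'bgimport' => 'handle_bgimport',
];

$action = $_GET['action'] ?? '';   // parameter name is an assumption
if (!isset($handlers[$action])) {
    deny(404, 'unknown action');
}

// State-changing admin actions also need a CSRF token, assumed to be placed in
// the session when the admin page is rendered; hash_equals avoids timing leaks.
$token = $_POST['csrf_token'] ?? '';
if (!isset($_SESSION['csrf_token']) || !hash_equals($_SESSION['csrf_token'], $token)) {
    deny(403, 'invalid CSRF token');
}

header('Content-Type: application/json');
echo json_encode($handlers[$action]());
```

The important property is ordering: the unauthenticated path ends at `deny(401, ...)` before `$_GET` is ever consulted, which is exactly the check the affected versions lack. Until the application is upgraded, the same effect can be approximated at the web server by denying requests to system/ajax.php from outside the administrator's network, but that is a stopgap, not a substitute for the in-application check.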

Weakness Enumeration: Incorrect Authorization

Related Identifiers: CVE-2018-19515

Affected Products: Webgalamb