Submission #301359: Thingsboard Thingsboard 3.6.2 Arbitrary File Write

Information

Title: Thingsboard Thingsboard 3.6.2 Arbitrary File Write
Description:

Vulnerability Details
---------------------------------
ThingsBoard is susceptible to an arbitrary file write vulnerability, which could allow an attacker to create or modify arbitrary files on the server.

Steps to Reproduce
--------------------------------
1) Fork/replicate the repository into your own GitHub account (the exploit needs the credentials of a GitHub account you control): https://github.com/sickuritywizard/JGit_Symlink_Exploit/tree/Windows
2) Log in to the ThingsBoard dashboard as a tenant admin.
3) Navigate to Advanced features --> Version Control --> choose your GitHub credentials and select the branch Windows.
4) Click "Create entities version" --> enter anything in versionName and click Create.
5) The arbitrary file write is executed and the file is created on the server in C:\.

Impact
-----------
The arbitrary file write vulnerability allows an attacker to create or modify files on the server. It is possible to add files in the webroot, and to modify the registry and other sensitive files. The attacker can gain complete access over the host and also corrupt sensitive system files.

Note:
--------
I have contacted the vendor about this issue and they were able to replicate it. The fix has been planned for the 3.7 release. I was asked to submit to a CNA to get a CVE assigned.
Source: https://drive.google.com/file/d/1w9iSMpyKDuapH9wjsgTe8AYPn8Z30u2Z/view?usp=drive_link
User: sickuritywizard (UID 63855)
Submitted: 19/03/2024 06:38 PM
Moderated: 03/04/2024 08:14 PM (15 days later)
Status: Approved
VulDB entry: 259282 [ThingsBoard up to 3.6.2 AdvancedFeature privilege escalation]
Points: 20
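The submission names the technique only through the exploit repository's title (a JGit symlink exploit driven by the version-control checkout) and does not spell out the mechanism. The pattern that name describes, together with the check a checkout routine needs, is shown below as an added example; this is not ThingsBoard's or JGit's code, and the directory layout, file names and the inference that a symlink already present in the work tree redirects the next file write outside it are constructed for the demonstration. The naive writer joins the repository path onto the work tree and opens it, so a symlink checked out from an earlier commit (worktree/link pointing at a directory outside the checkout, standing in for C:\ in the report) turns the next commit's link/pwned.txt into a write outside the work tree. The safe variant refuses any symlinked path component, rejects ".." and absolute paths, and verifies that the fully resolved location is still under the work tree.

```python
"""Symlink-escape hazard in a checkout that writes files into a work tree.
Added example, not ThingsBoard or JGit code; the layout built by demo() is
constructed for illustration."""
import os
import tempfile
from pathlib import Path


def naive_write(worktree: str, relpath: str, data: bytes) -> str:
    """Write the way a careless checkout does: join the paths and open the
    result, following whatever symlinks already exist on disk."""
    dest = os.path.join(worktree, relpath)
    os.makedirs(os.path.dirname(dest), exist_ok=True)
    with open(dest, "wb") as f:
        f.write(data)
    return dest


def safe_path(worktree: str, relpath: str) -> str:
    """Return the on-disk path for relpath, or raise ValueError if writing
    there could land outside worktree. Absolute paths, '..' components and
    any component that is already a symlink on disk (for example one checked
    out from a previous commit) are rejected."""
    root = os.path.realpath(worktree)
    parts = Path(relpath).parts
    if not parts or os.path.isabs(relpath) or ".." in parts:
        raise ValueError(f"rejecting path {relpath!r}")
    current = root
    for part in parts:
        current = os.path.join(current, part)
        if os.path.islink(current):
            raise ValueError(f"refusing to traverse symlink {current}")
    # Belt and braces: the fully resolved location must still be under root.
    if os.path.commonpath([root, os.path.realpath(current)]) != root:
        raise ValueError(f"{relpath!r} resolves outside {root}")
    return current


def safe_write(worktree: str, relpath: str, data: bytes) -> str:
    """Same write, but only after safe_path has vetted the destination."""
    dest = safe_path(worktree, relpath)
    os.makedirs(os.path.dirname(dest), exist_ok=True)
    with open(dest, "wb") as f:
        f.write(data)
    return dest


def demo() -> dict:
    """Constructed scenario: base/worktree is the server-side checkout and
    base/outside stands in for the attacker's target directory (C:\\ in the
    report). An earlier commit checked out the symlink worktree/link -> outside;
    the next commit ships link/pwned.txt."""
    base = tempfile.mkdtemp()
    worktree = os.path.join(base, "worktree")
    outside = os.path.join(base, "outside")
    os.makedirs(worktree)
    os.makedirs(outside)
    os.symlink(outside, os.path.join(worktree, "link"))

    # The careless writer follows the symlink: the file lands in 'outside'.
    naive_write(worktree, "link/pwned.txt", b"owned")
    escaped = os.path.isfile(os.path.join(outside, "pwned.txt"))

    def rejected(relpath: str) -> bool:
        try:
            safe_write(worktree, relpath, b"owned")
        except ValueError:
            return True
        return False

    # A legitimate file inside the work tree still goes through.
    inside = safe_write(worktree, "src/main.c", b"int main(void){return 0;}")
    return {
        "naive_escaped": escaped,
        "safe_blocked_symlink": rejected("link/pwned2.txt"),
        "safe_blocked_dotdot": rejected("../outside/pwned3.txt"),
        "safe_kept_inside": os.path.isfile(inside),
    }


if __name__ == "__main__":
    print(demo())
```

Run it on a POSIX host (creating symlinks on Windows needs an elevated or developer-mode account). The per-component islink check matters more than the final realpath check: a checkout that resolves the path once, then creates the parent directories and opens the file, leaves a window in which a symlink planted by an earlier commit is already on disk, which is exactly the situation the two-commit exploit repository sets up.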