CVE-2000-0720 in News Publisher

Summary

by MITRE

news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.

Analysis

by VulDB Data Team • 10/12/2025

CVE-2000-0720 affects GWScripts News Publisher, specifically the news.cgi component that manages author authentication and authorization. It is a critical weakness in the application's access control mechanisms: the system fails to properly validate user credentials before permitting administrative actions. The flaw stems from improper input validation and authentication checks in the web application's request handling logic, which gives unauthorized users a way to escalate their privileges and reach administrative functions.

Exploitation is straightforward and relies on direct HTTP request manipulation. An attacker bypasses the normal authentication flow by submitting a specially formatted HTTP request directly to the new.cgi program endpoint. The request carries the addAuthor parameter in its payload and sets the Referer header to mimic legitimate traffic originating from the news.cgi program. The flaw exploits the trust the application establishes between its endpoints: it incorrectly assumes that a request whose Referer header names the news.cgi program is legitimate, without verifying authentication.

This authentication bypass flaw has significant operational impact on affected systems, potentially allowing remote attackers to completely compromise the news publishing platform's author management functionality. Once exploited, attackers can add new authors to the system's author index, which may grant them elevated privileges and access to administrative controls within the application. The implications extend beyond simple privilege escalation, as the addition of unauthorized authors could lead to content manipulation, unauthorized publishing rights, and potential data integrity compromises within the news management system. The vulnerability affects the fundamental security model of the application, undermining the integrity of its access control mechanisms.

The flaw aligns with CWE-285, which addresses improper authorization issues in software applications, and represents a classic case of insufficient authentication checks. From an attack framework perspective, this vulnerability maps to ATT&CK technique T1078 for Valid Accounts and T1548 for Abuse of Cloud Infrastructure, as it enables unauthorized access to administrative functions through manipulated request parameters. The vulnerability also reflects broader security concerns related to input validation and trust relationships within web applications, where the system's reliance on HTTP headers for access control validation creates exploitable gaps in security architecture. Organizations implementing GWScripts News Publisher should immediately address this issue through proper authentication enforcement, input validation, and removal of trust-based access controls that rely on HTTP headers without proper credential verification.

Mitigation strategies should focus on implementing robust authentication mechanisms that require proper credential validation before allowing any administrative operations, regardless of HTTP header values or referer information. The system should enforce strict access controls that validate user credentials through proper authentication channels rather than relying on header-based trust relationships. Additionally, organizations should implement proper input sanitization and parameter validation to prevent unauthorized parameter manipulation, while also establishing logging and monitoring capabilities to detect suspicious authentication attempts. Regular security assessments and code reviews should be conducted to identify similar trust-based vulnerabilities within the application's architecture, ensuring that all access control mechanisms follow established security best practices and maintain proper separation of concerns between different functional components of the web application.
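The header-trust flaw described above, as an added sketch that is not GWScripts code: a Referer-only gate beside a check on a server-issued session, plus an audit record for requests that only the Referer gate would accept. The URL, function names and session scheme are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed values for this sketch; none come from News Publisher itself.
TRUSTED_REFERER = "http://news.example/cgi-bin/news.cgi"
SERVER_KEY = secrets.token_bytes(32)
ADMIN_SESSIONS = {}  # session id -> user name, filled at login


def login(user):
    """Issue a session id with an HMAC tag so the cookie cannot be forged."""
    sid = secrets.token_hex(16)
    ADMIN_SESSIONS[sid] = user
    tag = hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()
    return f"{sid}.{tag}"


def weak_allows_add_author(headers, form):
    """Flawed pattern: the client-supplied Referer header is the only gate."""
    referer = headers.get("Referer", "")
    return "addAuthor" in form and referer.startswith(TRUSTED_REFERER)


def hardened_allows_add_author(headers, form, cookie):
    """Authorize on a server-issued session; the Referer is never consulted."""
    if "addAuthor" not in form or not cookie or "." not in cookie:
        return False
    sid, tag = cookie.split(".", 1)
    expected = hmac.new(SERVER_KEY, sid.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison on bytes, so odd cookie input cannot raise.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return False
    return sid in ADMIN_SESSIONS


def audit(headers, form, cookie):
    """Log record: flags requests that pass the Referer gate but lack a session."""
    weak = weak_allows_add_author(headers, form)
    strong = hardened_allows_add_author(headers, form, cookie)
    return {"allowed": strong, "referer_only": weak and not strong}
```

A `referer_only` value of true marks a request that the old header-based check would have accepted without credentials, which is the event worth alerting on.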

Disclosure: 10/20/2000
Moderation: accepted
Entry: VDB-15862
CPE: ready
Exploit: Download
EPSS: 0.06155
KEV: no
Activities: very low