Submit #677172: LogicalDOC Community 9.2.1 Improper Restriction of Excessive Authentication Attempts

Title: LogicalDOC Community 9.2.1 Improper Restriction of Excessive Authentication Attempts
Description:

Summary
The admin login page of LogicalDOC v9.2.1 is susceptible to unauthenticated credential brute-force. An attacker can automate password guessing against the /login.jsp endpoint and determine valid credentials by differences in HTTP response (status code and response length), allowing full takeover of the admin account.

Steps to Reproduce
1. Navigate to http://lg.htb:8080/login.jsp
2. Capture a valid login request with Burp Suite
3. Send the captured request to Intruder
4. Set the body/form parameters such that the username is fixed and the password is a payload position, e.g.: j_username=admin&j_password=§admin§
5. Load a password list (used example: the 500 worst passwords list: https://gist.github.com/djaiss/4033452) into Intruder
   Incorrect password attempt returns Status Code: 302 and Response Length: 675
   Correct password attempt returns Status Code: 200 and Response Length: 796
6. The correct password is identified and admin access is gained — confirming admin account takeover via password brute forcing

Impact
*) Full admin account takeover possible via automated credential guessing.
*) Unauthorized access to sensitive documents and configuration.
*) Ability to modify or delete data and create privileged accounts.
*) Potential lateral movement and persistence after compromise.
*) Regulatory, compliance, and reputational exposure.

Recommendation
*) Implement account lockout or progressive rate-limiting after failed attempts.
*) Enforce multi-factor authentication (MFA) for all admin accounts.
*) Normalize authentication responses (same status/body for success and failure).
*) Introduce CAPTCHA or adaptive challenges after suspicious activity.
*) Block or throttle suspicious IPs and use WAF rules to detect automation.
Source: https://gist.github.com/thezeekhan/869aeb01bd981667c35dcac3e72c2bfa
User: Zeeshan Khan (UID 91384)
Submitted: 16.10.2025 19:00 (8 months ago)
Moderated: 31.10.2025 14:10 (15 days later)
Status: Accepted
VulDB entry: 330807 [LogicalDOC Community Edition up to 9.2.1 Admin Login Page /login.jsp Information Disclosure]
Points: 20
