Submission #497083: harpia.com.br DiagSystem 12 Insecure Direct Object Reference (IDOR) information

Title: harpia.com.br DiagSystem 12 Insecure Direct Object Reference (IDOR)
Description:

DiagSystem is a RIS (Radiology Information System) software developed by Harpia (www.harpia.com.br) for the management and automation of imaging diagnostic clinics. It covers everything from scheduling exams to storing and distributing medical reports, facilitating the workflow in healthcare institutions. More information about the system can be found on the official DiagSystem website: www.diagsystem.com.br.

## Searching on FOFA with the query: title="DiagSystem" || body="DiagSystem"

I found at least 60 results using this system.

## Link to view the POC:

https://drive.google.com/file/d/1zBAwcqfv6-HvDQg6ch3ywbllo0VlLIoQ/view?usp=sharing

# Proof of Concept (PoC) - IDOR in DiagSystem

## Step by Step for Exploitation

1. **Access to the System:**
   - Access the DiagSystem system through the link provided by the clinic.
   - Use the credentials received to log in.

2. **Identification of the Vulnerable Point:**
   - After logging in, access your own exam.
   - Note the exam URL, which contains the `cod` and `codexame` parameters.
   - Example of URL:
     ```
     http://x.x.x.x:8081/diagsystem/PACS/atualatendimento_jpeg.php?cod=10677441&tp=JPEG&codexame=10677448
     ```

3. **Parameter Manipulation:**
   - Change the value of the `cod` parameter to a different number.
   - Modify the value of the `codexame` parameter to a number close to the original.
   - Access the new modified URL in the browser.

4. **Exploitation Verification:**
   - If the page loads and displays exams from other patients, the IDOR vulnerability is confirmed.
   - If access is denied or an error is returned, there may be a protection mechanism.

5. **Impact of the Vulnerability:**
   - Any authenticated user can access third-party exams simply by modifying parameters in the URL.
   - Serious privacy flaw and exposure of sensitive patient data.

6. **Mitigation Recommendations:**
   - Implement authentication and authorization checks on endpoints.
   - Avoid the use of predictable sequential identifiers.
   - Adopt secure tokens to control access to exams.
   - Perform security audits to identify other similar flaws.
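The mitigation items above, as an added example that is not part of the submission or of Harpia's code: a lookup that trusts the URL id (the pattern the report describes) beside one that enforces object-level authorization from the server-side session, plus opaque tokens issued in place of the sequential `codexame`. The record layout, patient ids and filenames are constructed sample data, not DiagSystem's schema.

```python
import secrets

# Constructed sample records standing in for the RIS database; the field
# names are assumptions, not Harpia's schema. Keys mimic sequential exam ids
# of the kind seen in the `codexame` parameter.
EXAMS = {
    10677448: {"patient_id": 10677441, "file": "exam_10677448.jpg"},
    10677449: {"patient_id": 10677450, "file": "exam_10677449.jpg"},
}

# token -> exam id, filled by issue_exam_token()
EXAM_TOKENS = {}


class Forbidden(Exception):
    """Raised when the caller is not the owner of the requested exam."""


def fetch_exam_vulnerable(cod, codexame):
    # Pattern behind the report: the record is selected purely from the
    # URL parameters, so any logged-in user can read any exam id.
    return EXAMS[codexame]["file"]


def fetch_exam_fixed(session_patient_id, codexame):
    # Object-level authorization: the patient id comes from the server-side
    # session, never from the URL, and must own the exam being requested.
    exam = EXAMS.get(codexame)
    if exam is None or exam["patient_id"] != session_patient_id:
        raise Forbidden("exam does not belong to the authenticated patient")
    return exam["file"]


def issue_exam_token(session_patient_id, codexame):
    # Opaque, unguessable reference to hand out in links instead of the
    # sequential id. Ownership is checked before a token is ever issued.
    fetch_exam_fixed(session_patient_id, codexame)
    token = secrets.token_urlsafe(32)
    EXAM_TOKENS[token] = codexame
    return token


def fetch_exam_by_token(session_patient_id, token):
    # Unguessable tokens stop enumeration, but the ownership check stays:
    # a token leaked in a shared link must not grant another patient access.
    codexame = EXAM_TOKENS.get(token)
    if codexame is None:
        raise Forbidden("unknown exam token")
    return fetch_exam_fixed(session_patient_id, codexame)
```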
Source: http://x.x.x.x:8081/diagsystem/PACS/atualatendimento_jpeg.php?cod=10677441&tp=JPEG&codexame=10677448
User: Samuel Jesus (UID 81288)
Submitted: 2025-02-08 20:05 (1 year ago)
Moderated: 2025-02-22 11:30 (14 days later)
Status: Accepted
VulDB Entry: 296550 [Harpia DiagSystem 12 atualatendimento_jpeg.php cod/codexame privilege escalation]
Points: 20
