| Titre | No limit in length of "Name" parameter results in DOS attack /memory corruption in wallabag/wallabag |
|---|
| Description | VENDOR-GITHUBLINK : https://github.com/wallabag/wallabag
Vulnerability Type: CWE-770(Allocation of Resources Without Limits or Throttling)
AFFECTED-VERSION : 2.5.4
## Steps To Reproduce
```
1. Navigate to this URL https://app.wallabag.it/login and login with your Credential
2. After logged-in move to your Profile-Config section or to this URL: https://app.wallabag.it/config
3. Navigate to "USER INFORMATION" You will see a field called "Name"
3. Here you will see that there is no limit for the “Name” parameter that allows a user to set a very long string as long as 1 million characters.
4. This may possibly result in a memory corruption/DOS attack.
```
Mitigation
There must be a fixed length for the “Name” parameter upto 128 characters
Impact
Allows an attacker to set a " Name “ with long string leading to memory corruption/possible DOS Attack
## PROOF-OF-CONCEPT
- GITHUB-LINK : https://github.com/ctflearner/Vulnerability/blob/main/WALLABAG/NAME-LIMIT.md |
|---|
| La source | ⚠️ https://github.com/wallabag/wallabag |
|---|
| Utilisateur | Affan (UID 39417) |
|---|
| Soumission | 30/06/2023 20:48 (il y a 3 ans) |
|---|
| Modérer | 08/07/2023 15:27 (8 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 233359 [wallabag 2.5.4 Profile Config /config Nom déni de service] |
|---|
| Points | 20 |
|---|