Submit #499877: benner modernanet < 1.1.1 IDOR - Insecure Direct Object Reference

Title: benner modernanet < 1.1.1 IDOR - Insecure Direct Object Reference
Description:

IDOR - Insecure Direct Object Reference

An Insecure Direct Object Reference (IDOR) vulnerability was identified in the fooId parameter on the Modernanet system of the Benner company. This vulnerability allows an attacker to manipulate the fooId parameter value to access sensitive information about other objects, such as details of registered doctors, or any other related objects within the system.

Impact

With this flaw, an attacker can easily modify the fooId parameter to gain unauthorized access to data about doctors and other objects in the system, which compromises the confidentiality of the data. This vulnerability is critical because there is no adequate validation or access control in place, allowing the attacker to access sensitive information without proper authorization. This could lead to a breach of sensitive patient or doctor data, as well as other confidential system records.

Problem Reproduction

Access the URL with a valid fooId parameter:

GET /AGE0000700/GetImageMedico?fooId=1 HTTP/2

The attacker can easily change the fooId value to retrieve data for other doctors or objects, for example:

GET /AGE0000700/GetImageMedico?fooId=2
GET /AGE0000700/GetImageMedico?fooId=3

Each ID corresponds to different data related to doctors or objects in the system, such as images, names, specialties, and other sensitive data that should not be accessible without proper authorization.

Special Behavior for Non-Existing IDs:

If the fooId parameter corresponds to a non-existent ID, the application simply returns a default image instead of an error, making it harder for the attacker to notice that they are not accessing valid data. This behavior could lead the attacker to assume that they have valid access when in fact they are simply being served a generic image.

By: Yago Martins
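As an added illustration, not code from ModernaNet or from the submitter, the object-level authorization check whose absence the description reports, beside a function that mirrors the reported behaviour (any fooId served, default image for unknown ids). The doctor records, account-to-doctor mapping, clinic scopes and Session type are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, Tuple

# Constructed sample data (hypothetical, not ModernaNet's schema):
# doctor record id -> clinic that employs the doctor and the stored image.
DOCTORS: Dict[int, dict] = {
    1: {"clinic": 10, "image": b"IMG-DR-1"},
    2: {"clinic": 10, "image": b"IMG-DR-2"},
    3: {"clinic": 20, "image": b"IMG-DR-3"},
}
USER_TO_DOCTOR = {100: 1, 101: 2, 102: 3}  # login account -> own doctor record
ADMIN_CLINIC = {200: 10}                    # clinic-admin account -> clinic scope
DEFAULT_IMAGE = b"DEFAULT-IMG"


@dataclass
class Session:
    user_id: int
    role: str  # "doctor" or "clinic_admin"


def vulnerable_get_image(foo_id: int) -> bytes:
    """Mirrors the reported behaviour: every id is served with no check that
    the caller may see that doctor, and unknown ids silently get a default."""
    rec = DOCTORS.get(foo_id)
    return rec["image"] if rec else DEFAULT_IMAGE


def can_view_doctor(session: Session, doctor_id: int, clinic_id: int) -> bool:
    """Object-level authorization: the control the advisory says is missing.
    A doctor may see only their own record; a clinic admin only their clinic."""
    if session.role == "doctor":
        return USER_TO_DOCTOR.get(session.user_id) == doctor_id
    if session.role == "clinic_admin":
        return ADMIN_CLINIC.get(session.user_id) == clinic_id
    return False


def get_image_medico(session: Session, foo_id: int) -> Tuple[int, bytes]:
    """Hardened handler returning (status, body). Missing and forbidden ids
    get the same 404 so the response neither leaks data nor confirms that
    a given fooId exists, instead of the silent default image."""
    rec = DOCTORS.get(foo_id)
    if rec is None or not can_view_doctor(session, foo_id, rec["clinic"]):
        return 404, b""
    return 200, rec["image"]
```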
Source: https://github.com/yago3008/cves
User: y4g0 (UID 80480)
Submission: 02/12/2025 21:15 (1 Year ago)
Moderation: 02/24/2025 18:22 (12 days later)
Status: Accepted
VulDB entry: 296692 [Benner ModernaNet up to 1.1.0 GetImageMedico?fooId=1 fooId resource injection]
Points: 20
