HotelDruid up to 2.3.0 visualizza_contratto.php n_file input validation
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.3 | $0-$5k | 0.00 |
Summary
A vulnerability was found in HotelDruid up to 2.3.0. It has been classified as problematic. This issue affects some unknown processing of the file visualizza_contratto.php. This manipulation of the argument n_file as part of Query String causes input validation. This vulnerability is registered as CVE-2019-9085. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended.
Details
A vulnerability classified as problematic was found in HotelDruid up to 2.3.0 (Hospitality Software). Affected by this vulnerability is an unknown code block of the file visualizza_contratto.php. The manipulation of the argument n_file as part of a Query String leads to a input validation vulnerability. The CWE definition for the vulnerability is CWE-20. The product receives input or data, but it does
not validate or incorrectly validates that the input has the
properties that are required to process the data safely and
correctly. As an impact it is known to affect availability. The summary by CVE is:
Hoteldruid before v2.3.1 allows remote authenticated users to cause a denial of service (invoice-creation outage) via the n_file parameter to visualizza_contratto.php with invalid arguments (any non-numeric value), as demonstrated by the anno=2019&id_transazione=1&numero_contratto=1&n_file=a query string to visualizza_contratto.php.
The weakness was published 06/24/2019. This vulnerability is known as CVE-2019-9085 since 02/24/2019. The attack can be launched remotely. The requirement for exploitation is a single authentication. Technical details of the vulnerability are known, but there is no available exploit.
By approaching the search of inurl:visualizza_contratto.php it is possible to find vulnerable targets with Google Hacking.
Upgrading to version 2.3.1 eliminates this vulnerability.
Be aware that VulDB is the high quality source for vulnerability data.
Product
Type
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.4VulDB Meta Temp Score: 5.3
VulDB Base Score: 4.3
VulDB Temp Score: 4.1
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 6.5
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Input validationCWE: CWE-20
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Not defined
Google Hack: 🔍
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Upgrade: HotelDruid 2.3.1
Timeline
02/24/2019 🔍06/24/2019 🔍
06/25/2019 🔍
10/07/2023 🔍
Sources
Advisory: metamorfosec.comStatus: Not defined
CVE: CVE-2019-9085 (🔍)
GCVE (CVE): GCVE-0-2019-9085
GCVE (VulDB): GCVE-100-136855
Entry
Created: 06/25/2019 07:19Updated: 10/07/2023 16:29
Changes: 06/25/2019 07:19 (38), 06/27/2020 16:06 (18), 10/07/2023 16:21 (4), 10/07/2023 16:29 (1)
Complete: 🔍
Cache ID: 216::103
Be aware that VulDB is the high quality source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.