Advisory assigned CVE-2018-7251 | AnchorCMS database credentials leakage through error logs - Andmp | A blog about infosec, bug hunting and more!

A blog about infosec, bug hunting, education and a plethora of other things...

Breaking

ad

Post Top Ad

Monday, 19 February 2018

Advisory assigned CVE-2018-7251 | AnchorCMS database credentials leakage through error logs

Regarding CVE-2018-7251,

Throwing some light -
It was found using OSINT(Open Source Intelligence Techniques) techniques on almost all sites powered by this CMS

Product - AnchorCMS

Versions affected - All

Detailed Description -

I came across this bug that reveals error logs in your AnchorCMS backed web log and filed a security advisory accordingly regarding the same.

What happens is, due to a common misconfiguration or a possible  business logic error , any regular user is given access to view your application's error logs.

If there has been an error in your MySQL database configuration ,this gets logged into the *publicly accessible* errors.log by the config/error.php ,as a direct result of which a remote attacker might possibly extract your MySQL passwords and usernames ,thereby intruding into your Database very easily.

A fix to it has been already released , that makes the error logs inaccessible publicly on the web.

No comments:

Post a Comment

Let me know what you felt after reading the article!

Post Bottom Ad

Pages