GoSecure Blog

Butor Portal Arbitrary File Download Vulnerability (CVE-2019-13343)

TLDR: It is frightening, a patch was made available the same day it was disclosed and everybody should update their servers. 

Impact

Butor Portal is affected by a Path Traversal vulnerability leading to pre-authentication arbitrary file downloads. Every file that can be read by the local user running the Butor Portal Web service could be exfiltrated by an anonymous attacker.

With the ability of reading most files on a server, an unauthenticated attacker could not only fully compromise the Butor application, but also the underlying infrastructure such as the database or the LDAP server using credentials stored in plain text in configuration files.

Exploitation of this vulnerability does not require advanced skill and can be automated.

Read More

Topics: appsec, code review, vulnerability

Automating local DTD discovery for XXE exploitation

Last month, we presented at Hack In Paris (France) a XML External Entities (XXE) exploitation workshop. It showcase methods to exploit XXE with numerous obstacles. Today, we present our method to exploit XXEs with a local Document Type Declaration (DTD) file. More specifically, how we built a huge list of reusable DTD files.

Read More

Topics: appsec, tool, web, pentest

Subscribe to Email Updates

Recent Posts