Vulnerability CVE-2020-11679
Published: 2020-06-04

Description:
Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitted by an Administrator. This allows a normal user to escalate their privileges by adding additional roles to their account.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Castel NextGen DVR 1.0.0 Bypass / CSRF / Disclosure
Aaron Bishop
06.06.2020

Type:

CWE-269

 (Improper Privilege Management)

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
http://packetstormsecurity.com/files/157954/Castel-NextGen-DVR-1.0.0-Bypass-CSRF-Disclosure.html
http://seclists.org/fulldisclosure/2020/Jun/8
https://www.securitymetrics.com/blog/attackers-known-unknown-authorization-bypass
Copyright 2024, cxsecurity.com

 

Back to Top