Wazuh Dashboard - Information Discoluser

2024.03.30

parsa rezaie khiabanloo (DE)

Risk: High

Local: Yes

Remote: No

CVE: N/A

CWE: N/A

# Exploit Title: Wazuh Dashboard - Information Discoluser
# Date: 3/30/2024
# Exploit Author: parsa rezaie khiabanloo
# Vendor Homepage: Wazuh (https://wazuh.com/)
# Version: 4.4.2
# Tested on: Linux/Windows Firefox
Step 1 : open the inspect element and go to the network tab
Step 2 : login to your account on your dashboard
as you see we can what requests we are sending
Step 3 : attacker on network tab must set XHR see the requests each of them giving the good information to attacker but in response
Step 4 : in configuration file and in the response you can see the username of wazuh dashboard and the wazuh manager for example
statusCode 200
error 0
data Object { hosts: […] }
hosts [ {…} ]
0 Object { default: {…} }
default Object { url: "https://192.168.113.50", port: 55000, username: "wazuh-wui", … }
url "https://192.168.113.50"
port 55000
username "wazuh-wui"
password "*****"
run_as false
Step 5 : attacker found the master server ip and the username of the api
Step 6 : attacker can scan the server with nessus and find the vulnerability of the server or bruteforce the server to gain accsess

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Wazuh Dashboard - Information Discoluser

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.