Vulnerabilities in Device42 platform

Researchers detailed numerous severe security issues on the Device42 platform that opens the door to attackers.

Device42 provides device discovery, asset management, and dependency mapping for data centers and the cloud. The vulnerabilities were found in an audit of a Device42 appliance within two instances of the application. (product instance and staging instance)

Advertisements

Researchers found that with the product instance, access was available to all company employees through a single sign-on, with the researchers having the same access as any employee, including access to the Advanced Reporting feature.

On the staging instance, access was with a username and password with administrative permissions in place, but by exploiting a remote command execution, the researchers were able to gain full root access and could further explore the entire available code.

An attacker, exploiting the issue could impersonate other users and through cross-site scripting obtain admin-level access to the application or full access to the appliance files and database via RCE.

The researchers claim that an attacker can achieve RCE with root privileges starting from an unauthenticated session. These include an authentication bypass with an unauthenticated local file inclusion vulnerability in Device42’s code access by extracting valid session IDs of authenticated users.

The researchers also found an RCE vulnerability in the appliance manager component and a server-side request forgery vulnerability in the Exago Reports component.