SecZetta NEProfile 3.3.11 Host Header Injection ≈ Packet Storm – Digitalmunition




Exploit/Advisories no-image-featured-image.png

Published on August 26th, 2020 📆 | 2124 Views ⚑

0

SecZetta NEProfile 3.3.11 Host Header Injection ≈ Packet Storm

SecZetta NEProfile 3.3.11 Host Header Injection
Posted Aug 25, 2020
Authored by Josh Sheppard, Bryan Clements

SecZetta NEProfile version 3.3.11 suffers from a host header injection vulnerability.

tags | advisory
advisories | CVE-2020-12855
MD5 | 1f997b35e7990c671bf81984b91073a2
 Exploit Title: NEProfile - Host Header Injection
Date: 5/13/2020
Vendor Homepage: https://seczetta.com
Software Link: https://seczetta.com/product/ne-profile
Version: 3.3.11
Tested on: 3.3.11
Exploit Author: Josh Sheppard & Bryan Clements
Exploit Contact: ghost () a t undervurse dot_com & mavr1ck2020 a t protonmail dot_com
Exploit Technique: Remote
CVE ID: CVE-2020-12855

1. Description

A host header injection vulnerability has been discovered in SecZetta's NEProfile product. Authenticated remote adversaries can poison the host header resulting in the attacker controlling response 302 execution flow.

The issue affects version 3.3.11 and has not been tested on other versions of the product.

2. Disclosure Timeline

5/4/20 - Discovery and Exploitation
5/12/20 - Vendor Notified
7/18/20 - Patch / Hotfix Created

3. Mitigation

Apply hotfix provided by vendor

Source link

Tagged with:



Leave a Reply

Your email address will not be published. Required fields are marked *


loading...