SpinetiX Fusion Digital Signage Database Backup Disclosure Vulnerability

Vulnerability

A vulnerability allowing unauthenticated access to sensitive database backup files has been identified in SpinetiX Fusion Digital Signage version 3.4.8. Attackers can exploit this vulnerability by accessing the /content/files/backups/ endpoint, where backup files containing user credentials and system information are stored. The issue arises from improper access controls, allowing unauthorized users to download these sensitive files.

Impact

Exploitation of this vulnerability leads to unauthorized information disclosure, including user credentials and system details. This could facilitate authentication bypass, session hijacking, and potentially full control over the affected system.

Reproduction

To reproduce this vulnerability, send a GET request to the /content/files/backups/ endpoint on a device running SpinetiX Fusion Digital Signage 3.4.8. The response will include a directory listing of backup files. Downloading these files will reveal sensitive information such as user credentials in clear text.
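To check whether a device has already been exposed this way, its web access logs can be searched for requests to the backup path that were served without authentication. The script below is an added example, not code from the advisory or from SpinetiX. It assumes the logs are in Apache/nginx "combined" format and that the remote-user field reflects authentication; the sample lines, IP addresses and backup file name are constructed placeholders.

```python
import posixpath
import re
from urllib.parse import unquote

BACKUP_DIR = "/content/files/backups"  # path named in the advisory

# Assumption: "combined" log format; adapt the regex to the real log layout.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)

def normalize(target):
    """Drop the query string, percent-decode, and resolve '//' and dot segments."""
    path = unquote(target.split("?", 1)[0])
    return posixpath.normpath("/" + path.lstrip("/"))

def find_backup_access(lines):
    """Return one finding per logged request that touched the backup directory."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a parsable request line
        path = normalize(m["target"])
        if path != BACKUP_DIR and not path.startswith(BACKUP_DIR + "/"):
            continue
        served = m["status"] in ("200", "206")
        findings.append({
            "ip": m["ip"],
            "time": m["ts"],
            "path": path,
            "kind": "listing" if path == BACKUP_DIR else "file",
            # Served to a client with no logged user: the disclosure described above.
            "exposed": served and m["user"] == "-",
        })
    return findings

# Constructed sample log lines (documentation IP ranges, placeholder file name).
SAMPLE = [
    '192.0.2.10 - - [10/Dec/2025:21:40:01 +0000] "GET /content/files/backups/ HTTP/1.1" 200 512 "-" "curl/8.0"',
    '192.0.2.10 - - [10/Dec/2025:21:40:05 +0000] "GET /content/files//backups/backup-placeholder.bin?dl=1 HTTP/1.1" 200 90211 "-" "curl/8.0"',
    '198.51.100.7 - - [10/Dec/2025:21:41:00 +0000] "GET /content/files/backups/ HTTP/1.1" 403 153 "-" "Mozilla/5.0"',
    '198.51.100.9 - admin [10/Dec/2025:21:42:00 +0000] "GET /content/index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in find_backup_access(SAMPLE):
        print(finding)
```

Any finding with "exposed" set to True and kind "file" means a backup was downloaded, so the credentials it contained should be treated as compromised and rotated.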

Added: Dec 10, 2025, 9:51 PM
Updated: Dec 10, 2025, 9:51 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 1.4
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.