Yerootech iDS6 DSSPro Digital Signage System Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Yerootech iDS6 DSSPro Digital Signage System version 6.2. This vulnerability allows authenticated users to bypass access controls and elevate privileges by using console JavaScript functions or exploiting insecure direct object references. As a result, attackers could create users, modify roles and permissions, and potentially take over the entire application.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation, allowing users to gain elevated rights within the application and potentially take full control of the system.

Reproduction

To reproduce this vulnerability, log into the application using one of the default accounts (admin:123456, boss:boss, or user:user). Once logged in, navigate to the Accounts > User page. From there, JavaScript functions can be called in the console to exploit the access control vulnerability. Alternatively, insecure direct object references can be used to access hidden functionalities that allow for privilege escalation.
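
Both paths described above work because the authorization decision is left to the client. The following is an added example, not code from the product or from this advisory, showing a server-side check that covers the function-level and the object-level case. The role ranking, account store and function names are assumptions made for illustration.

```javascript
// Added example: hypothetical role model and handler, not iDS6 DSSPro code.

// Assumed role ranking; a higher number means more privilege.
const ROLE_RANK = new Map([['user', 1], ['boss', 2], ['admin', 3]]);

// Constructed sample account store, keyed by numeric id.
const accounts = new Map([
  [1, { id: 1, name: 'admin', role: 'admin' }],
  [2, { id: 2, name: 'boss', role: 'boss' }],
  [3, { id: 3, name: 'user', role: 'user' }],
]);

// Decide on the server whether this caller may give this target this role.
function authorizeRoleChange(session, targetId, newRole) {
  // The caller's role is read from the server-side store; any role value
  // carried in the request or session object is ignored.
  const caller = accounts.get(session.accountId);
  const target = accounts.get(targetId);
  if (!caller || !target) return { ok: false, reason: 'unknown account' };
  if (!ROLE_RANK.has(newRole)) return { ok: false, reason: 'unknown role' };

  const rank = ROLE_RANK.get(caller.role);
  // Function-level check: plain users may not manage accounts at all.
  if (rank < ROLE_RANK.get('boss')) {
    return { ok: false, reason: 'caller may not manage accounts' };
  }
  // Object-level check: a non-admin may only touch accounts ranked below it,
  // so a guessed or enumerated id of a peer or superior is refused.
  if (caller.role !== 'admin' && ROLE_RANK.get(target.role) >= rank) {
    return { ok: false, reason: 'target is not below caller' };
  }
  // Nobody may grant a role above their own.
  if (ROLE_RANK.get(newRole) > rank) {
    return { ok: false, reason: 'cannot grant above own role' };
  }
  return { ok: true };
}

// Handler reachable by any client, whether or not the UI shows a control for it.
function setRole(session, targetId, newRole) {
  const decision = authorizeRoleChange(session, targetId, newRole);
  if (!decision.ok) return { status: 403, error: decision.reason };
  accounts.get(targetId).role = newRole;
  return { status: 200 };
}
```

Because the check runs inside the handler, hiding or showing the control in the page has no effect on the outcome.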

Added: Jan 6, 2026, 4:34 PM
Updated: Jan 6, 2026, 8:23 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 6.6
remediation: 0.0
relevance: 1.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.