agorum Software GmbH Agorum Core Open Incorrect Access Control Vulnerability Allowing Arbitrary File Access
Vulnerability
A vulnerability in the dynawebservice component of agorum Software GmbH Agorum core open versions 11.9.2 and 11.10.1 allows unauthenticated attackers to read arbitrary files on the system. The issue arises from incorrect access control: the affected endpoint neither requires authentication nor restricts the file path it is asked to return.
Impact
Exploitation of this vulnerability allows absolute path traversal: the file path supplied by the client is used as-is instead of being confined to the intended temporary-file directory, so an unauthenticated attacker can read any file readable by the account running agorum core open, such as /etc/passwd. Because no credentials are required, anyone who can reach the web interface can exploit the issue.
Reproduction
To reproduce this vulnerability, send an unauthenticated GET request to the dynawebservices/wsfiling/ endpoint with the action parameter set to 'getTemp' and the tmpFile parameter set to an absolute file path, for example:

GET /dynawebservices/wsfiling/?action=getTemp&tmpFile=/etc/passwd

A response whose body contains the contents of the requested file confirms the issue. Note that no session or credentials are needed and that the value is an absolute path rather than a ../ sequence, so filters that only look for traversal dots will not catch this request.
Remediation
Users of agorum core open should upgrade to a release in which the vendor has fixed this issue. Note that 11.9.2 and 11.10.1 are the affected versions named above, so those builds are not a fix; obtain the patched version from agorum Software GmbH. Until the upgrade is applied, restricting network access to the dynawebservices/wsfiling/ endpoint limits exposure.
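The following is an added example written for this advisory; it is not agorum's code and is not part of the original page. It serves both the Reproduction and Remediation sections: build_probe_url() forms the GET request described above, find_exploit_attempts() flags the same pattern in web-server access logs, and is_safe_temp_name() / resolve_temp_file() show the server-side check whose absence the report describes. The endpoint path and parameter names come from the advisory; the hostname, the Apache-style log lines and the temp directory are assumptions for illustration.

```python
"""Added example for the agorum core open wsfiling/getTemp advisory.
Not vendor code. Endpoint and parameter names are from the advisory; the host,
log format and temp directory used below are assumed for illustration."""
import os
import re
from urllib.parse import parse_qs, unquote, urlencode, urljoin, urlparse

# Path and parameters named in the advisory.
ENDPOINT = "dynawebservices/wsfiling/"
ACTION = "getTemp"
PARAM = "tmpFile"


def build_probe_url(base_url: str, target_file: str = "/etc/passwd") -> str:
    """Return the single GET request that reproduces the report."""
    query = urlencode({"action": ACTION, PARAM: target_file})
    return urljoin(base_url.rstrip("/") + "/", ENDPOINT) + "?" + query


# Constructed Apache-style access log lines (not real traffic) for the detector.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:12:00:01 +0000] "GET /dynawebservices/wsfiling/?action=getTemp&tmpFile=%2Fetc%2Fpasswd HTTP/1.1" 200 1842
203.0.113.5 - - [10/Mar/2024:12:00:02 +0000] "GET /dynawebservices/wsfiling/?action=getTemp&tmpFile=..%252F..%252Fetc%252Fshadow HTTP/1.1" 200 960
198.51.100.7 - - [10/Mar/2024:12:00:03 +0000] "GET /dynawebservices/wsfiling/?action=getTemp&tmpFile=upload_1234.tmp HTTP/1.1" 200 512
198.51.100.7 - - [10/Mar/2024:12:00:04 +0000] "GET /index.html HTTP/1.1" 200 5120
"""

REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def is_safe_temp_name(requested: str) -> bool:
    """A temp-file reference must be a bare file name: no absolute path, no
    directory separators, no traversal segment, no Windows drive prefix."""
    return (
        requested not in ("", ".", "..")
        and not os.path.isabs(requested)
        and "/" not in requested
        and "\\" not in requested
        and ":" not in requested
        and ".." not in requested
    )


def is_exploit_attempt(log_line: str) -> bool:
    """True when the request targets the wsfiling endpoint with action=getTemp
    and a tmpFile value that is not a plain file name."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return False
    url = urlparse(m.group("target"))
    if "wsfiling" not in url.path:
        return False
    params = parse_qs(url.query)
    if params.get("action", [""])[0] != ACTION:
        return False
    # parse_qs decodes one layer of percent-encoding; unquote again so a
    # double-encoded %252F is still seen as a separator.
    tmp = unquote(params.get(PARAM, [""])[0])
    return not is_safe_temp_name(tmp)


def find_exploit_attempts(log_text: str) -> list:
    """Return the log lines that match the exploit pattern."""
    return [line for line in log_text.splitlines() if is_exploit_attempt(line)]


def resolve_temp_file(temp_dir: str, requested: str) -> str:
    """Server-side handling of the kind that closes this bug class: accept only
    a bare name, resolve it under the temp directory and re-check that the
    resolved path is still inside it (covers symlinks). The caller must also
    have authenticated the session, which the report says the endpoint skips."""
    if not is_safe_temp_name(requested):
        raise ValueError("tmpFile must be a bare file name")
    base = os.path.realpath(temp_dir)
    candidate = os.path.realpath(os.path.join(base, requested))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("tmpFile resolves outside the temp directory")
    return candidate


if __name__ == "__main__":
    print(build_probe_url("https://agorum.example.com", "/etc/passwd"))
    for hit in find_exploit_attempts(SAMPLE_LOG):
        print("exploit attempt:", hit)
```

The detector deliberately keys on the tmpFile value rather than on "../", since the reported request uses an absolute path; the third sample line, a legitimate-looking bare file name, is not flagged. The realpath/commonpath re-check in resolve_temp_file is there so that a symlink placed inside the temp directory cannot be used to point back outside it.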
