Thermo Fisher Torrent Suite Local Authentication Bypass Vulnerability

Vulnerability

A local authentication bypass vulnerability has been identified in the Thermo Fisher Torrent Suite Django application version 5.18.1. The issue arises in the LocalhostAuthMiddleware, which incorrectly authenticates users as 'ionadmin' if the request's REMOTE_ADDR is set to 127.0.0.1, 127.0.1.1, or ::1. This flaw allows any user with local access to the server to bypass authentication.

Impact

Exploitation of this vulnerability allows for unauthorized access to the application with administrative privileges.

Reproduction

To reproduce this vulnerability, access the application on a server where Torrent Suite Django version 5.18.1 is installed. Ensure that the request is made from a local address, such as 127.0.0.1 or ::1. The LocalhostAuthMiddleware will authenticate the user as 'ionadmin', bypassing normal authentication procedures.

Remediation

Users are advised to review their network configuration and security settings to prevent unauthorized access. Ensure that the application is not connected to the public Internet without a firewall, and that all components are secured behind a properly configured network perimeter.
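The following is an added illustration, not code from the Torrent Suite project or from this advisory. It models in plain Python (no Django dependency) the trust decision the advisory describes, places a hypothetical hardened decision beside it, and adds a small log-review helper a defender can use to find loopback-sourced requests to administrative paths. The functions, the settings keys LOCALHOST_AUTH_ENABLED and LOCALHOST_AUTH_SECRET, the header X-Localhost-Auth-Secret, the "/admin/" path prefix and the log lines are all assumptions constructed for the example; the vendor's actual fix is not known from this page.

```python
import hmac
import ipaddress
import re

# Loopback addresses the advisory says the middleware trusts unconditionally.
LOOPBACK_ADDRS = {"127.0.0.1", "127.0.1.1", "::1"}
ADMIN_USER = "ionadmin"


def flawed_localhost_auth(meta):
    """Model of the described flaw: the source address alone decides identity.

    `meta` stands in for Django's request.META. Any process able to open a
    connection to the loopback interface is treated as the administrator.
    """
    if meta.get("REMOTE_ADDR") in LOOPBACK_ADDRS:
        return ADMIN_USER
    return None


def hardened_localhost_auth(meta, settings):
    """Hypothetical hardened decision (an assumption, not the vendor's fix).

    Localhost trust is off unless explicitly enabled, the source must still be
    a loopback address, and the caller must present a shared secret in a
    request header, compared in constant time. The secret file must be
    readable only by the service account that is meant to use it; if every
    local user can read it, the bypass has only moved, not gone.
    """
    if not settings.get("LOCALHOST_AUTH_ENABLED", False):
        return None
    try:
        addr = ipaddress.ip_address(meta.get("REMOTE_ADDR", ""))
    except ValueError:
        return None
    if not addr.is_loopback:
        return None
    expected = settings.get("LOCALHOST_AUTH_SECRET")
    presented = meta.get("HTTP_X_LOCALHOST_AUTH_SECRET", "")
    if not expected or not hmac.compare_digest(presented, expected):
        return None
    return ADMIN_USER


# Minimal parser for combined-format access log lines (constructed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def flag_loopback_admin_requests(log_lines, admin_prefixes=("/admin/",)):
    """Return (ip, method, path, status) for loopback-sourced admin requests.

    A defender reviewing a host where this middleware ran can use this to see
    which local connections reached administrative paths and when.
    """
    flagged = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m.group("ip"))
        except ValueError:
            continue
        if addr.is_loopback and m.group("path").startswith(admin_prefixes):
            flagged.append(
                (m.group("ip"), m.group("method"), m.group("path"), m.group("status"))
            )
    return flagged


# Constructed sample log lines for the review helper.
SAMPLE_LOG = [
    '127.0.0.1 - - [04/Dec/2025:15:47:00 +0000] "GET /admin/ HTTP/1.1" 200 512',
    '10.0.0.5 - - [04/Dec/2025:15:48:00 +0000] "GET /admin/ HTTP/1.1" 302 0',
    '::1 - - [04/Dec/2025:15:49:00 +0000] "POST /admin/auth/user/ HTTP/1.1" 200 128',
    '127.0.0.1 - - [04/Dec/2025:15:50:00 +0000] "GET /static/app.js HTTP/1.1" 200 9000',
]


if __name__ == "__main__":
    print(flawed_localhostAuth_demo := flawed_localhost_auth({"REMOTE_ADDR": "127.0.0.1"}))
    print(hardened_localhost_auth({"REMOTE_ADDR": "127.0.0.1"}, {}))
    for entry in flag_loopback_admin_requests(SAMPLE_LOG):
        print(entry)
```

The point of the side-by-side is that `hardened_localhost_auth` fails closed by default: with no explicit opt-in it grants nothing even to a loopback caller, which is the behaviour this advisory's remediation guidance implies. The log helper treats every 127.0.0.0/8 and ::1 address as loopback, so 127.0.1.1 is caught as well as 127.0.0.1.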

Added: Dec 4, 2025, 3:47 PM
Updated: Dec 4, 2025, 6:37 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 3.6
remediation: 0.0
relevance: 1.3
threat: 1.6
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.