to3k Twittodon Insecure Deserialization Vulnerability in download.php Allowing Denial-of-Service

Vulnerability

An insecure deserialization vulnerability has been identified in the to3k Twittodon application, in the download.php script of versions prior to commit b1c58a7. The script base64-decodes the 'obj' request parameter and passes the result directly to unserialize() without any validation. As a result, a remote, unauthenticated attacker can inject arbitrary PHP objects, leading to a denial-of-service condition.

Impact

Exploitation of this vulnerability allows for PHP object injection, which can cause a denial-of-service condition by triggering fatal errors on the server.

Reproduction

The vulnerability can be reproduced by sending a POST request to download.php with a base64-encoded serialized object in the 'obj' parameter. The server responds with PHP warnings indicating that the injected object was processed, confirming the vulnerability.
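The following is an added illustration, not code from Twittodon: it shows the insecure pattern the advisory describes (base64-decode, then unserialize() on request data) beside a hardened handler, plus a small detection helper. The field name 'filename', the 4096-byte size cap and the request-shape checks are assumptions for the example, not details from the project.

```php
<?php
// Added example (not Twittodon's code). The 'filename' key and limits are assumed.

// VULNERABLE pattern: any class present in the serialized payload is
// instantiated, so __wakeup()/__destruct() of application or framework
// classes run on attacker-controlled data (PHP object injection).
function load_request_insecure(string $obj)
{
    // non-strict base64_decode silently skips invalid characters
    $raw = base64_decode($obj);
    // unserialize() on untrusted input: no validation of type or class
    return unserialize($raw);
}

// HARDENED handler: bound the input, reject malformed base64, refuse to
// instantiate any class, and accept only the shape the script needs.
function load_request_hardened(string $obj): ?array
{
    if (strlen($obj) > 4096) {            // assumed cap; avoid huge payloads
        return null;
    }
    $raw = base64_decode($obj, true);     // strict mode: invalid input -> false
    if ($raw === false) {
        return null;
    }
    // allowed_classes => false (PHP >= 7.0): objects become
    // __PHP_Incomplete_Class, so no application class is instantiated and
    // none of its magic methods run. '@' silences the notice on bad input.
    $data = @unserialize($raw, ['allowed_classes' => false]);
    if (!is_array($data)) {
        return null;
    }
    // Allow-list the expected keys and types before using them.
    if (!isset($data['filename']) || !is_string($data['filename'])) {
        return null;
    }
    // Constrain the value itself (assumed policy: simple file name only).
    if (!preg_match('/^[A-Za-z0-9_.-]+$/', $data['filename'])) {
        return null;
    }
    return ['filename' => $data['filename']];
}

// DETECTION helper: flag request parameters whose decoded form carries a
// PHP object token (O:<len>:"Class") before they reach the application.
function looks_like_serialized_object(string $obj): bool
{
    $raw = base64_decode($obj, true);
    if ($raw === false) {
        return false;
    }
    return preg_match('/(?:^|[;{])O:\d+:"/', $raw) === 1;
}

// Constructed sample inputs for a quick local run.
$benign = base64_encode(serialize(['filename' => 'report.txt']));
var_dump(load_request_hardened($benign));          // array('filename' => 'report.txt')
var_dump(looks_like_serialized_object($benign));   // false
var_dump(load_request_hardened('not*base64'));     // NULL
```

The safest fix is to stop using unserialize() on request data altogether and carry the needed fields as JSON (json_decode() never instantiates classes); where the serialized format must be kept for compatibility, allowed_classes => false together with a strict allow-list of keys removes the object-injection path. The detection helper is suitable for a WAF rule or request log check, since legitimate payloads for this endpoint should never contain an object token.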

Added: Dec 18, 2025, 9:21 PM
Updated: Dec 18, 2025, 10:34 PM

Vulnerability Rating

Custom Algorithm

  spread          0.0
  impact          3.1
  exploitability  8.7
  remediation     0.0
  relevance       1.4
  threat          6.4
  urgency         2.9
  incentive       5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.