Intelbras InControl CSV Injection Vulnerability

Vulnerability

A CSV injection vulnerability has been identified in Intelbras InControl versions through 2.21.60.9. The issue arises because the application does not sanitize user-supplied input accepted by the '/v1/operador/' endpoint, which is used to update user information, before writing it into CSV exports. An attacker can therefore store cell values that begin with a formula prefix; when the exported CSV file is opened in a spreadsheet application, those values are evaluated as formulas, potentially leading to unauthorized data manipulation.

Impact

Exploitation of this vulnerability requires an authenticated account and results in CSV injection: the injected formulas are executed in the context of the spreadsheet application, such as Excel, used by whoever opens the exported CSV file. This could be used to manipulate data or perform unauthorized actions, depending on what the injected formula does.

Reproduction

To reproduce this vulnerability, first, authenticate and access the '/v1/operador/' endpoint. Inject a formula, such as '=10*10', into the 'nome_completo' parameter while updating a user's information. After the user is updated, export the user data in CSV format using the same endpoint. Once the CSV file is opened in a spreadsheet application, the injected formula will be executed, demonstrating the CSV injection vulnerability.
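The root cause above is an export path that writes stored values straight into CSV cells. The following is an added example (not Intelbras code, and not the vendor's fix) showing the unsafe pattern beside a hardened exporter that neutralizes formula-leading cells, plus a scanner that reviews an existing export for cells a spreadsheet would evaluate. The field name 'nome_completo' and the '=10*10' value come from the advisory; the record layout, the other fields and the trigger-character list are assumptions.

```python
import csv
import io

# Leading characters that spreadsheet applications interpret as the start of a
# formula, or as a cell-breaking control character. Assumed list based on
# common hardening guidance; the page does not describe the vendor's remedy.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value):
    """Return a cell value that a spreadsheet will treat as text, not a formula.

    A leading single quote makes Excel/LibreOffice keep the cell literal.
    Leading whitespace is skipped before the check because "  =cmd" is still
    evaluated by some applications once the cell is trimmed. Legitimate values
    such as negative numbers also get the quote; that is the accepted trade-off.
    """
    text = "" if value is None else str(value)
    if text.lstrip().startswith(FORMULA_TRIGGERS):
        return "'" + text
    return text


def unsafe_export(users, fieldnames):
    """The vulnerable pattern: stored values written through unchanged."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames, lineterminator="\n")
    writer.writeheader()
    for user in users:
        writer.writerow({name: user.get(name) for name in fieldnames})
    return buf.getvalue()


def export_users_csv(users, fieldnames):
    """Hardened exporter: every cell neutralized and fully quoted."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames,
                            quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writeheader()
    for user in users:
        writer.writerow({name: neutralize_cell(user.get(name))
                         for name in fieldnames})
    return buf.getvalue()


def find_formula_cells(csv_text):
    """Scan an existing CSV export for cells that would be parsed as formulas.

    Returns (row_number, column_name, value) tuples; row 1 is the first data
    row. Useful for reviewing exports produced by an unpatched version.
    """
    reader = csv.DictReader(io.StringIO(csv_text))
    hits = []
    for row_number, row in enumerate(reader, start=1):
        for column, value in row.items():
            if value is not None and value.lstrip().startswith(FORMULA_TRIGGERS):
                hits.append((row_number, column, value))
    return hits


# Constructed sample records; the second one carries the '=10*10' value from
# the reproduction notes in its 'nome_completo' field.
SAMPLE_USERS = [
    {"id": 1, "nome_completo": "Alice Example", "email": "alice@example.test"},
    {"id": 2, "nome_completo": "=10*10", "email": "bob@example.test"},
]
FIELDS = ["id", "nome_completo", "email"]


if __name__ == "__main__":
    raw = unsafe_export(SAMPLE_USERS, FIELDS)
    print("formula cells in unsanitized export:", find_formula_cells(raw))
    print(export_users_csv(SAMPLE_USERS, FIELDS))
```

Neutralizing on export rather than on input is deliberate: the same stored value may be rendered in HTML, JSON and CSV, and each sink needs its own encoding. Quoting every cell (`QUOTE_ALL`) additionally stops an embedded comma, quote or newline from splitting a value into extra cells.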

Added: Jul 4, 2025, 1:45 PM
Updated: Jul 4, 2025, 1:45 PM

Vulnerability Rating

Custom Algorithm
spread: 0.3
impact: 0.6
exploitability: 6.0
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.