Megagao Production SSM Authorization Bypass Vulnerability Allowing Unauthorized User Creation
Vulnerability
An authorization bypass vulnerability has been identified in Megagao Production SSM version 1.0, specifically within the user addition feature. The issue is in the UserController.java file, where the insert() method performs no authentication or authorization check before creating the account described in the request. As a result, an unauthenticated attacker can call the /user/insert endpoint directly and create super administrator accounts, potentially leading to a complete compromise of the system.
Impact
Exploitation of this vulnerability allows for unauthorized creation of super administrator accounts, granting full administrative privileges and control over the application.
Reproduction
To reproduce this vulnerability, log into the application using the default account. Navigate to the 'System Management' section, then to 'User Management', and select 'Add User'. Intercept the resulting request with Burp Suite and remove all authentication material, such as the session cookie. After sending the modified request, refresh the user list to confirm that an administrator account was added without authorization.
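The following Spring MVC controller is an added illustration of the defect the Vulnerability and Reproduction sections describe and of how it is fixed; it is not code from Megagao Production SSM, whose UserController.java is not reproduced on this page. The class, field, session attribute and service names are assumptions chosen for the example. The "before" handler is shown in a comment so that the file contains no live unchecked endpoint; the hardened handler refuses requests with no session user and requests from non-administrators, and an interceptor enforces login for every /user/** path so a single forgotten check in a handler no longer opens the endpoint.

```java
// Added example (not the project's own source). Names marked "assumed" are
// hypothetical stand-ins for whatever the real application uses.
package example.ssm.web;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;

// Assumed minimal model: the real project's User class is not on this page.
class User {
    private String username;
    private String role;               // e.g. "SUPER_ADMIN" (assumed value)
    public String getUsername() { return username; }
    public void setUsername(String u) { this.username = u; }
    public String getRole() { return role; }
    public void setRole(String r) { this.role = r; }
    public boolean isSuperAdmin() { return "SUPER_ADMIN".equals(role); }
}

// Assumed service interface; the MyBatis-backed implementation is out of scope.
interface UserService {
    void insert(User user);
}

@Controller
@RequestMapping("/user")
public class UserController {

    private final UserService userService;

    public UserController(UserService userService) {
        this.userService = userService;
    }

    // BEFORE (the shape the advisory describes): the handler trusts the request
    // body and never asks who is calling, so any client that can reach
    // /user/insert, with or without a session cookie, can create a user with
    // whatever role the body specifies.
    //
    // @PostMapping("/insert")
    // @ResponseBody
    // public String insert(User user) {
    //     userService.insert(user);
    //     return "added";
    // }

    // AFTER: require an authenticated session user with the administrator role
    // before touching the database. The session key "currentUser" is assumed.
    @PostMapping("/insert")
    @ResponseBody
    public ResponseEntity<String> insert(User user, HttpSession session) {
        User caller = (User) session.getAttribute("currentUser");
        if (caller == null) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("login required");
        }
        if (!caller.isSuperAdmin()) {
            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("administrator role required");
        }
        userService.insert(user);
        return ResponseEntity.ok("added");
    }
}

// Defence in depth: reject unauthenticated requests to every /user/** handler
// centrally, so the outcome no longer depends on each method remembering to
// check. Spring 5.3+ provides default implementations for the other
// HandlerInterceptor methods; on older Spring, implement them as no-ops.
class LoginInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
                             Object handler) throws Exception {
        HttpSession session = request.getSession(false);   // do not create a session
        if (session == null || session.getAttribute("currentUser") == null) {
            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
            return false;                                   // handler is never invoked
        }
        return true;
    }
}

// Registers the interceptor; in an XML-configured SSM project the equivalent is
// an <mvc:interceptors> entry for the same path pattern.
class WebConfig implements WebMvcConfigurer {
    @Override
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new LoginInterceptor()).addPathPatterns("/user/**");
    }
}
```

With the interceptor in place, the replayed request from the Reproduction section (the captured 'Add User' request with its session cookie stripped) is answered with 401 before the controller runs; the in-handler role check additionally stops a logged-in low-privilege user from creating a super administrator. A request log entry for POST /user/insert that carries no session cookie, or one from a user without the administrator role, is therefore worth alerting on when reviewing exposure to this issue.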
