HAX CMS Sensitive Data Exposure Vulnerability via Publicly Accessible Server-Status Endpoint
Vulnerability
A vulnerability in HAX CMS versions prior to 25.0.0 allows unauthenticated access to the /server-status endpoint, which exposes sensitive information such as authentication tokens, user activity, client IP addresses, and server configuration details. Because the endpoint reflects live server state, it enables real-time monitoring of user interactions and gathering of internal infrastructure information by anyone who can reach it.
Impact
Exploitation of this vulnerability leads to unauthorized exposure of sensitive data, including authentication tokens and user activity, along with internal server and infrastructure details. This creates opportunities for privacy violations, reconnaissance against the deployment, and potential abuse of the exposed tokens.
Reproduction
To reproduce this vulnerability, access the /server-status endpoint without authentication. The exposed data includes the server version, OpenSSL version, client IP addresses, live HTTP requests, and user_token values from API endpoints.
Remediation
Upgrade to HAX CMS version 25.0.0 or later to address this vulnerability.
