arnobt78 Hotel Booking Management System Information Disclosure Vulnerability
Vulnerability
A vulnerability allowing information disclosure has been identified in the arnobt78 Hotel Booking Management System, specifically in versions up to and including f8922d0e0f6ac1cc761974c7616f44c2bbc04bea. The issue arises from the Health Check Endpoint at /api/health/detailed, which exposes sensitive system and database information without authentication. This vulnerability can be exploited remotely and has been publicly disclosed, with an available proof-of-concept exploit.
Impact
Exploitation of this vulnerability leads to unauthorized exposure of sensitive system information, including database credentials and performance metrics, which could be used for further exploitation or reconnaissance.
Reproduction
The vulnerability can be reproduced by sending a GET request to the /api/health/detailed endpoint. This request can be made without any authentication, and it will return detailed system information, including platform details, Node.js version, process ID, memory and CPU usage, application uptime, and MongoDB database credentials.
Remediation
It is recommended to implement proper authentication for the health check endpoint and to apply restrictive firewall rules to block unauthorized access.
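A sketch of the recommended authentication, added here as an example and not taken from the project's code: the detailed health response is returned only for a valid bearer token, the check fails closed when no token is configured, and the MongoDB connection string is stripped of credentials before it is reported. The names HEALTH_TOKEN, MONGODB_URI, healthDetailed, createHealthServer and the sample values are assumptions.

```javascript
// Added example; every name below is hypothetical, not from the project.
const crypto = require('node:crypto');
const http = require('node:http');

// Constant-time token check. Fails closed when no token is configured.
function tokenMatches(presented, expected) {
  if (typeof expected !== 'string' || expected.length === 0) return false;
  const digest = (s) => crypto.createHash('sha256').update(String(s)).digest();
  return crypto.timingSafeEqual(digest(presented), digest(expected));
}

// Remove the user:password@ part of a MongoDB connection string.
function redactMongoUri(uri) {
  return String(uri).replace(/^(mongodb(?:\+srv)?:\/\/)[^@\/]*@/i, '$1<redacted>@');
}

// Decide the response for GET /api/health/detailed from the request headers.
function healthDetailed(headers, env, stats) {
  const auth = headers.authorization || '';
  const presented = auth.startsWith('Bearer ') ? auth.slice(7) : '';
  if (!tokenMatches(presented, env.HEALTH_TOKEN)) {
    return { status: 401, body: { error: 'unauthorized' } };
  }
  return {
    status: 200,
    body: {
      status: 'ok',
      uptimeSeconds: stats.uptimeSeconds,
      database: { state: stats.dbState, uri: redactMongoUri(env.MONGODB_URI) },
    },
  };
}

// Wiring into a plain Node HTTP server (created but not started here).
function createHealthServer(env, getStats) {
  return http.createServer((req, res) => {
    if (req.method !== 'GET' || req.url !== '/api/health/detailed') {
      return void res.writeHead(404).end();
    }
    const { status, body } = healthDetailed(req.headers, env, getStats());
    res.writeHead(status, { 'Content-Type': 'application/json' });
    res.end(JSON.stringify(body));
  });
}

// Constructed sample values for illustration and testing.
const SAMPLE_ENV = { HEALTH_TOKEN: 'constructed-token',
  MONGODB_URI: 'mongodb+srv://appuser:s3cr3t@cluster0.example.invalid/hotel' };
const SAMPLE_STATS = { uptimeSeconds: 120, dbState: 'connected' };
```

The firewall restriction from the recommendation still applies in front of this check, so the endpoint is unreachable from untrusted networks even if the token leaks.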
