Cerberus Helpdesk Workers File User Credentials Disclosure

Type attackerkb
Reporter AttackerKB
Modified 2020-03-25T00:00:00


Cerberus Helpdesk on Version 4.2.3 Stable (Build 925) and 5.4.4 and potentially below, contain an unsecured file which contains configuration details including all user’s usernames and password hashes.

Recent assessments:

h00die at March 25, 2020 12:30am UTC reported:

Found this software in an enterprise environment. The /storage/tmp/devblocks_cache---ch_workersand /storage/tmp/zend_cache---ch_workersfiles contain lots of data, however the only things of value are a list of usernames and password hashes. When found in an enterprise, this gave us over 200 MD5 hashes, which was a huge win. Never seen the software before or after though.

Assessed Attacker Value: 3
Assessed Attacker Value: 5