Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

F-Secure Radar Open Redirect

🗓️ 16 Feb 2018 00:00:00Reported by Oscar HjelmType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 40 Views

F-Secure Radar Open Redirect vulnerability with unvalidated redirect on login pag

Related
Code
ReporterTitlePublishedViews
Family
CVE		CVE-2018-6324
16 Feb 201804:00
cve
Cvelist		CVE-2018-6324
16 Feb 201804:00
cvelist
EUVD		EUVD-2018-18085
7 Oct 202500:30
euvd
NVD		CVE-2018-6324
16 Feb 201804:29
nvd
OSV		CVE-2018-6324
16 Feb 201804:29
osv
Prion		Open redirect
16 Feb 201804:29
prion
`F-Secure Radar Login Page Unvalidated Redirect Vulnerability  
  
CVE-2018-6324  
https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-6324  
  
# Summary  
The application will upon successfully logging in redirect the user to a user-controlled destination. A victim user may not recognise that a redirection takes place as they expect to be sent to a new page.  
  
# Vendor Description  
F-Secure Radar is a turnkey vulnerability scanning and management platform. It allows you to identify and manage both internal and external threats, report risks, and be compliant with current and future regulations (such as PCI and GDPR compliance). It gives you visibility into shadow IT - to map your full attack surface and respond to critical vulnerabilities associated with cyber threats.  
Source: https://www.f-secure.com/en/web/business_global/radar  
  
# Remediation  
F-Secure has remediated this issue; no action required for cloud users or on-premise users receiving updates.  
  
# Technical Details  
  
Navigating to the Radar application at https://portal.radar.f-secure.com/ will result in the user being sent to https://portal.radar.f-secure.com/login?ReturnUrl=~2Fdashboard.  
  
Upon successful authentication, the value of the ReturnURL query parameter will be used to determine the redirect destination. It is possible to set this to any arbitrary domain as the value is neither validated nor forced to be a relative path.  
  
The following URL would redirect the user to example.com after logging in:  
https://portal.radar.f-secure.com/login?ReturnUrl=~2F~2Fexample.com  
  
This could be used to send the user to a phishing site, prompting them to re-authenticate (e.g. "Wrong password or username, please try again").  
  
# Vulnerability Disclosure Timeline  
2018-02-05 - Vulnerability discovered  
2018-02-05 - Vendor contact & response  
2018-02-09 - Vendor confirms fix  
2018-02-15 - Public disclosure  
  
This post is also available at http://oscarhjelm.com/blag/2018/02/f-secure-radar-login-page-unvalidated-redirect-vulnerability/  
  
  
Best regards,  
Oscar Hjelm  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
16 Feb 2018 00:00Current
6.6Medium risk
Vulners AI Score6.6
EPSS0.00195
f-secure radarvulnerabilityopen redirect
40