Lucene search
Ryan MoorePACKETSTORM:171629HistoryApr 03, 2023 - 12:00 a.m.
perfSONAR 4.4.5 Cross Site Request Forgery
2023-04-0300:00:00
Ryan Moore
packetstormsecurity.com
111
cross site request forgery
perfsonar
v4.4.5
csrf
ryan moore
cve-2022-41413
xmlhttprequests
0.001 Low
EPSS
Percentile
35.8%
`Exploit Title: perfSONAR v4.4.5 - Partial Blind CSRF
Link: https://github.com/perfsonar/
Affected Versions: v4.x <= v4.4.5
Vulnerability Type: Partial Blind CSRF
Discovered by: Ryan Moore
CVE: CVE-2022-41413
Summary
A partial blind CSRF vulnerability exists in perfSONAR v4.x <= v4.4.5 within the /perfsonar-graphs/ test results page. Parameters and values can be injected/passed via the URL parameter, forcing the client to connect unknowingly in the background to other sites via transparent XMLHTTPRequests. This partial blind CSRF bypasses the built-in whitelisting function in perfSONAR.
This vulnerability was patched in perfSONAR v4.4.6.
Proof of Concept
Examples
Here are two examples of this vulnerability. For further details, review the Technical Overview section below.
Example 1:
Client browser connects to www.google.com in the background.
http://192.168.68.145/perfsonar-graphs/?source=1&dest=2&url=https://www.google.com
Example 2:
Client browser connects to arbitrary IP and port in the background, passing delete parameter to /api endpoint.
http://192.168.68.145/perfsonar-graphs/?source=8.8.8.8&dest=%26action%3Ddelete&url=http://192.168.68.113:4444/api
`
Related
prion
prion
Cross site request forgery (csrf)
2022-11-30 05:15:00
zdt
zdt
perfSONAR v4.4.5 - Partial Blind CSRF Vulnerability
2023-04-02 00:00:00
cve
cve
CVE-2022-41413
2022-11-30 05:15:11
cvelist
cvelist
CVE-2022-41413
2022-11-30 00:00:00
nvd
nvd
CVE-2022-41413
2022-11-30 05:15:11
exploitdb
exploitdb
perfSONAR v4.4.5 - Partial Blind CSRF
2023-04-01 00:00:00