Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

AVG Threat Labs - Cross Site Request Forgery Vulnerability

🗓️ 03 Mar 2016 00:00:00Reported by Karim Rahal [[email protected]] - @KarimMTVType 
vulnerlab
 vulnerlab🔗 www.vulnerability-lab.com👁 39 Views

AVG Threat Labs - Cross Site Request Forgery Vulnerability, CSRF in AVG Threat Labs Web Application 2016 Q

Code
Document Title:
===============
AVG Threat Labs - Cross Site Request Forgery Vulnerability


References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1660


Release Date:
=============
2016-03-03


Vulnerability Laboratory ID (VL-ID):
====================================
1660


Common Vulnerability Scoring System:
====================================
3.1


Product & Service Introduction:
===============================
Threat Labs is AVG’s latest security tool, continuing our commitment to malware and virus detection and eradication. With an Internet 
security and protection policy built heavily around the concept of `scan before you leap`, AVG Threat Labs offers the same kind of 
pre-click analysis as our unique LinkScanner® real-time surf and search technology, though at a far more comprehensive level. AVG Threat 
Labs is a fast and easy route to website security, offering quick search functionality with its `Big Search` URL address box, as well as 
clear and comprehensive website security reports presented in a simple-to-follow graphical format.


(Copy of the Vendor Homepage: http://www.avgthreatlabs.com/de-de/website-safety-reports/ )


Abstract Advisory Information:
==============================
An independent vulnerability laboratory researcher discovered a cross site request forgery web vulnerability in the official AVG Threat Labs web-application.


Vulnerability Disclosure Timeline:
==================================
2016-01-17: Researcher Notification & Coordination (Karim Rahal)
2016-01-18: Vendor Notification (AVG Security Team)
2016-01-21: Vendor Response/Feedback (AVG Security Team)
2016-03-01: Vendor Fix/Patch (Adobe Developer Team)
2016-03-02: Security Acknowledgements (AVG Security Team)
2016-03-03: Public Disclosure (Vulnerability Laboratory)


Discovery Status:
=================
Published


Affected Product(s):
====================
AVG
Product: Threat Labs - Web Application 2016 Q1


Exploitation Technique:
=======================
Remote


Severity Level:
===============
Low


Technical Details & Description:
================================
A cross site request forgery web vulnerbaility has been discovered in the official AVG Threat Labs web-application service.
CSRF is when an attacker is able to run a Request through an user`s account because the request is lacking a token protection. 

A CSRF exploitation is done by runing a request through the victim`s browser into his account and the request will succesfully
work due to the website not being able to make the request of that victim uniquer than the attacker`s and everyone else`s requests.

The security risk of the cross site request forgery web vulnerability is estimated as medium with a cvss (common vulnerability 
scoring system) count of 3.1. Exploitation of the cross site request forgery web vulnerability requires no privileged web-application 
user accountbut low or medium user interaction. Successful exploitation of the vulnerability results in unauthorized execution of 
web-application functions by client-side interaktion.

Request method(s):
				[+] POST

Vulnerable Service(s):
				[+] avgthreatlabs.com

Vulnerable Module(s):
				[+] add-domain-watchlist



Proof of Concept (PoC):
=======================
The vulnerability can be exploited by remote attackers without privileged web-application user account and with low or medium user interaction.
For security demonstration or to reproduce the vulnerability follow the provided information and steps below to continue.

PoC or Exploitcode:
<form action="http://www.avgthreatlabs.com/ww-en/user-profile/add-domain-watchlist/" method="post">
<input name="domain" value="Enter Website" type="text">
<button type="submit">Submit CSRF Exploit</button>
</form>


Video: https://www.youtube.com/watch?v=HnpzjNlbkPg


Security Risk:
==============
The security risk of the cross site request forgery web vulnerability in the avg threat labs web-application is estimated as medium. (CVSS 3.1)


Credits & Authors:
==================
Karim Rahal [[email protected]] - @KarimMTV


Disclaimer & Information:
=========================
The information provided in this advisory is provided as it is without any warranty. Vulnerability Lab disclaims all warranties, either expressed 
or implied, including the warranties of merchantability and capability for a particular purpose. Vulnerability-Lab or its suppliers are not liable 
in any case of damage, including direct, indirect, incidental, consequential loss of business profits or special damages, even if Vulnerability-Lab 
or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for 
consequential or incidental damages so the foregoing limitation may not apply. We do not approve or encourage anybody to break any vendor licenses, 
policies, deface websites, hack into databases or trade with fraud/stolen material.

Domains:    www.vulnerability-lab.com   	- www.vuln-lab.com			       		- www.evolution-sec.com
Contact:    [email protected] 	- [email protected] 	       		- [email protected]
Section:    magazine.vulnerability-db.com	- vulnerability-lab.com/contact.php		       	- evolution-sec.com/contact
Social:	    twitter.com/#!/vuln_lab 		- facebook.com/VulnerabilityLab 	       		- youtube.com/user/vulnerability0lab
Feeds:	    vulnerability-lab.com/rss/rss.php	- vulnerability-lab.com/rss/rss_upcoming.php   		- vulnerability-lab.com/rss/rss_news.php
Programs:   vulnerability-lab.com/submit.php  	- vulnerability-lab.com/list-of-bug-bounty-programs.php	- vulnerability-lab.com/register/

Any modified copy or reproduction, including partially usages, of this file requires authorization from Vulnerability Laboratory. Permission to 
electronically redistribute this alert in its unmodified form is granted. All other rights, including the use of other media, are reserved by 
Vulnerability-Lab Research Team or its suppliers. All pictures, texts, advisories, source code, videos and other information on this website 
is trademark of vulnerability-lab team & the specific authors or managers. To record, list (feed), modify, use or edit our material contact 
([email protected] or [email protected]) to get a permission.

				Copyright © 2015 | Vulnerability Laboratory - [Evolution Security GmbH]™

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
03 Mar 2016 00:00Current
7.1High risk
Vulners AI Score7.1
avgthreat labscross site request forgeryvulnerabilityweb applicationremote exploitationmedium severity
39