- The Sitecore CMS had an account with a hardcoded password
- Threat actors could use it to upload arbitrary files, achieving RCE
- Thousands of endpoints are at risk
Sitecore Experience Platform, an enterprise-level content management system (CMS), carried three vulnerabilities that, when chained together, could allow the full takeover of vulnerable servers, experts have warned.
Cybersecurity researchers at watchTowr discovered that the first flaw is a hardcoded password for an internal user: just one letter, 'B', making it trivially easy to guess.
The account has no admin privileges, but watchTowr found that malicious users could use an alternative login path that would give them authenticated access to internal endpoints.
Patch the flaws
This sets the scene for exploiting the second flaw, described as a "zip slip" in the Sitecore upload wizard.
In short, the now-authenticated attackers can upload malicious files due to insufficient path sanitization and the way Sitecore maps paths. As a result, they can write arbitrary files into the webroot.
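As an added illustration (not code from watchTowr or Sitecore), the following Python shows the containment check that a zip-slip-prone upload extractor lacks: every archive member name is resolved against the destination directory before anything is written, and the whole archive is rejected if any member would escape. The archive contents, the `wwwroot` path and the destination directory are constructed here for the demo.

```python
import io
import os
import zipfile


def build_sample_zip(include_traversal: bool = True) -> bytes:
    """Constructed sample archive: a benign entry, optionally plus a traversal entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("media/logo.txt", "benign")
        if include_traversal:
            # Hypothetical traversal entry; not taken from the Sitecore advisory.
            zf.writestr("../../wwwroot/evil.txt", "escaped")
    return buf.getvalue()


def unsafe_entries(zip_bytes: bytes, dest_dir: str) -> list:
    """Return member names that would land outside dest_dir once extracted.

    This is the check a zip-slip-prone extractor is missing: each name is joined
    to the destination, resolved, and compared with the resolved destination root.
    Absolute and drive-relative names are rejected outright.
    """
    root = os.path.realpath(dest_dir)
    bad = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            normalized = name.replace("\\", "/")  # Windows separators on IIS hosts
            if os.path.isabs(normalized) or ":" in normalized.split("/")[0]:
                bad.append(name)
                continue
            target = os.path.realpath(os.path.join(root, normalized))
            if os.path.commonpath([root, target]) != root:
                bad.append(name)
    return bad


def safe_extract(zip_bytes: bytes, dest_dir: str) -> list:
    """Extract only after the whole archive passes the containment check,
    so a rejected archive never leaves partially written files behind."""
    bad = unsafe_entries(zip_bytes, dest_dir)
    if bad:
        raise ValueError(f"refusing archive with traversal entries: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest_dir)
        return zf.namelist()
```

The same resolve-then-compare check applies to any other path the upload handler derives from user input, not only to archive member names.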
These two problems alone could be enough to cause serious damage to the compromised server, but the problems do not stop there.
If the site has the Sitecore PowerShell Extensions (SPE) module installed, which is usually bundled with SXA, attackers can upload arbitrary files to specific paths, bypassing extension or location restrictions and resulting in a "reliable RCE".
All Sitecore versions from 10.1 to 10.4 are apparently vulnerable, which translates to about 22,000 publicly exposed instances at press time. However, just because they are all reachable and running these versions does not necessarily mean they are all exploitable.
"Sitecore is used in thousands of environments, including banks, airlines and global companies, so the blast radius here is huge," watchTowr CEO Benjamin Harris told BleepingComputer.
"And no, this is not theoretical: we have run the full chain, end-to-end. If you run Sitecore, it does not get worse than this. Rotate creds and patch immediately, before attackers inevitably reverse engineer it."
So far there have been no reports of abuse in the wild, but a patch is now available, so users should update as quickly as possible.