#35157 [W&A-Insight] Unauthorized Access to Shardeum Config Store using default credentials

Submitted on Sep 7th 2024 at 16:30:22 UTC by @sujan_shetty for Audit Comp | Shardeum: Ancillaries II

Report ID: #35157
Report Type: Websites and Applications
Report severity: Insight
Target: https://immunefi.com
Impacts:
- Unauthorized Access to Shardeum Config Store which leads to create,edit,delete configurations

Description

Vulnerability Details

I have found one endpoint http://internal.network.shardeum.org/login which use default credentials so that attacker can bypass auth and attacker can create,edit,delete Shardeum Config Store .

##Steps to reproduce

Navigate to http://internal.network.shardeum.org/login
use below credentials username as admin password ad password
you will get access to internal Dashboard there you create,edit,delete the configurations

Impact Details

attacker can bypass auth and attacker can create,edit,delete Shardeum Config Store .

Proof of Concept

screenshot is attached.

Previous#35824 [W&A-Medium] `/set-config` replay attack is possible in production mode after archiver restar Next#35709 [W&A-Critical] Potential DoS of archiver-server during network restoration via get_account_da

Last updated 9 months ago

Was this helpful?

hashtagDescription

hashtagVulnerability Details

hashtagImpact Details

hashtagProof of Concept

hashtagProof of Concept

Description

Vulnerability Details

Impact Details

Proof of Concept

Proof of Concept