Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

Cyber Security

Products You May Like

Oct 17, 2023NewsroomVulnerability / Cyber Threat

Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems.

The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10.

Sonar security researcher Thomas Chauchefoin, who discovered the bugs, said they “allow attackers to get around authentication requirements and gain full access to the CasaOS dashboard.”

Cybersecurity

Even more troublingly, CasaOS’ support for third-party applications could be weaponized to run arbitrary commands on the system to gain persistent access to the device or pivot into internal networks.

Following responsible disclosure on July 3, 2023, the flaws were addressed in version 0.4.4 released by its maintainers IceWhale on July 14, 2023.

A brief description of the two flaws is as follows –

  • CVE-2023-37265 – Incorrect identification of the source IP address, allowing unauthenticated attackers to execute arbitrary commands as root on CasaOS instances
  • CVE-2023-37265 – Unauthenticated attackers can craft arbitrary JSON Web Tokens (JWTs) and access features that require authentication and execute arbitrary commands as root on CasaOS instances

A consequence of successful exploitation of the aforementioned flaws could allow attackers to get around authentication restrictions and gain administrative privileges on vulnerable CasaOS instances.

Cybersecurity

“In general, identifying IP addresses at the application layer is risk-prone and shouldn’t be relied on for security decisions,” Chauchefoin said.

“Many different headers may transport this information (X-Forwarded-For, Forwarded, etc.), and the language APIs sometimes need to interpret nuances of the HTTP protocol the same way. Similarly, all frameworks have their own quirks and can be tricky to navigate without expert knowledge of these common security footguns.”

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Products You May Like

Articles You May Like

Apple Cuts Jobs in Online Services Group as Priorities Shift
Redmi 14C With 6.88-Inch LCD Screen, MediaTek Helio G81 Chipset Launched: Price, Specifications
NASA’s SpaceX Crew-9 Mission Adjusts Crew Ahead of September Launch
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

Leave a Reply

Your email address will not be published. Required fields are marked *