Headline
CVE-2022-1044: Sensitive Data Exposure Due To Insecure Storage Of Profile Image in trudesk
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1.
Description
When a user uploads a profile picture, the uploaded image's EXIF geolocation data is not stripped. As a result, anyone can obtain sensitive information about trudesk users, such as their geolocation and their device information (device name, version, software and software version used, etc.).
Proof of Concept
1. Browse this link: https://github.com/ianare/exif-samples/blob/master/jpg/gps/DSCN0012.jpg
2. Download the image, upload the picture on your profile and click on save.
3. Now find the path of the uploaded image (either right-click the image and copy the image address, or right-click and inspect the image; the URL appears in the inspector, edit it as HTML).
4. Then open: http://exif.regex.info/exif.cgi
5. Then select the image and click on “View Image Data”; you can now see the EXIF data.
Video PoC:
https://drive.google.com/file/d/1_-lUIFVpC0BrxrviLgO-Kythb-qaBt8a/view?usp=sharing
Impact
This vulnerability impacts all users on trudesk. It violates user privacy by exposing sensitive information of any user who uploads a profile picture on trudesk.
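A server-side mitigation for the issue described above, as an added example that is not trudesk's code or its actual fix: a Node.js function that drops every APP1 segment (where Exif and XMP metadata are stored) from an uploaded JPEG before it is saved. The function names and the sample buffer are constructed for illustration.

```javascript
// Added example (not trudesk code): drop APP1 metadata segments (Exif, XMP)
// from a JPEG buffer before the upload is written to disk.
function stripJpegMetadata(jpeg) {
  if (jpeg.length < 4 || jpeg.readUInt16BE(0) !== 0xffd8) throw new Error('not a JPEG');
  const kept = [jpeg.subarray(0, 2)]; // keep the SOI marker
  let pos = 2;
  while (pos < jpeg.length) {
    if (jpeg[pos] !== 0xff) throw new Error(`expected marker at offset ${pos}`);
    const marker = jpeg[pos + 1];
    // At SOS (or EOI) the header segments are over: copy the rest unchanged.
    if (marker === 0xda || marker === 0xd9) {
      kept.push(jpeg.subarray(pos));
      return Buffer.concat(kept);
    }
    if (pos + 4 > jpeg.length) throw new Error('truncated segment header');
    const len = jpeg.readUInt16BE(pos + 2); // length field counts its own 2 bytes
    const end = pos + 2 + len;
    if (len < 2 || end > jpeg.length) throw new Error('segment length out of bounds');
    if (marker !== 0xe1) kept.push(jpeg.subarray(pos, end)); // 0xE1 = APP1
    pos = end;
  }
  throw new Error('no SOS or EOI marker found');
}

// True if an APP1 segment before the image data starts with "Exif\0\0".
function hasExif(jpeg) {
  let pos = 2;
  while (pos + 4 <= jpeg.length && jpeg[pos] === 0xff && jpeg[pos + 1] !== 0xda) {
    const len = jpeg.readUInt16BE(pos + 2);
    if (jpeg[pos + 1] === 0xe1 &&
        jpeg.subarray(pos + 4, pos + 10).toString('latin1') === 'Exif\0\0') return true;
    pos += 2 + len;
  }
  return false;
}

// Constructed sample: SOI, APP0 (JFIF), APP1 (fake Exif payload), SOS, data, EOI.
function segment(marker, payload) {
  const head = Buffer.alloc(4);
  head.writeUInt16BE(0xff00 | marker, 0);
  head.writeUInt16BE(payload.length + 2, 2);
  return Buffer.concat([head, payload]);
}
const sample = Buffer.concat([
  Buffer.from([0xff, 0xd8]),
  segment(0xe0, Buffer.from('JFIF\0', 'latin1')),
  segment(0xe1, Buffer.from('Exif\0\0GPS-constructed-placeholder', 'latin1')),
  Buffer.from([0xff, 0xda, 0x00, 0x02, 0x11, 0x22, 0xff, 0xd9]),
]);
```

Removing Exif also removes the Orientation tag, so photos that relied on it may display rotated unless the pixels are rotated before the metadata is dropped.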