CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

Vertical Privilege Escalation in KONGA 0.14.9 allows attackers to higher privilege users to full administration access. The attack vector is a crafted condition, as demonstrated by the /api/user/{ID} at ADMIN parameter.

**terça-feira, 16 de novembro de 2021**

  **KONGA 0.14.9 - Privilege Escalation (Exploit)**

**Report Vulnerability**

**_Product: KONGA Model:  0.14.9 Vulnerability: Privilege EscalationImpact: Full admin access (v__ertical privilege escalation__)_****_Authentication: required_ ****_Exploit Author: Fabricio Salomao (__@\_SOl0m0n__) / Paulo Trindade (@paulotrindadec)_**

**PoC**

Bellow has created a normal user called "usernormal" without privilege.

Through of request bellow was changed the flag "FALSE" in the parameter "admin" to "**TRUE**".

![](https://1.bp.blogspot.com/-UvzhCIJXGGM/YZP0iI5s4vI/AAAAAAAAT00/tlLPp9CzvO8yr16cNxsx_TGyLoGUqqDfgCLcBGAsYHQ/w640-h234/p2.png)

  

![](https://lh3.googleusercontent.com/-ZLbg9rps_J0/YZPx5tNmzWI/AAAAAAAAT0s/uU-Hi62G0oogpKzNYu75ZCS22CkrTWogwCLcBGAsYHQ/w640-h250/image.png)

After running the exploit, the privilege escalation was a success!

**Result:**

![](https://1.bp.blogspot.com/-QkIP_UYLdMQ/YZP0_MYbvfI/AAAAAAAAT08/Cdl2tOveJNstnRXWQPf_N9w8CJXQnfOOwCLcBGAsYHQ/w640-h200/p3.jpeg)

  

**Nenhum comentário:**

**Postar um comentário**

Headline

CVE-2021-44103: KONGA 0.14.9 - Privilege Escalation (Exploit)

CVE: Latest News