CVE-2023-36651: CVCN

Description

Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote attackers to login to web management as super-admin and consume the most privileged REST API endpoints via these credentials.


Introduction

Analysis of the CryptoSpike database table that holds system users revealed a hidden account with high privileges. The account, named "prolionadmin", has a weak password that is easily guessable with dictionary techniques and is identical to other users' passwords. The account is not shown among the other users in the CryptoSpike web management interface, so an administrator cannot change its password, deactivate it, or otherwise manage it; it is nevertheless authorized to log in to the CryptoSpike system and to call the REST API endpoints.

Steps to reproduce

Connect to the CryptoSpike web management interface with "prolionadmin" as the username and its password. The user is authenticated and authorized as a privileged user with all functions enabled.

Navigate to the "User Management" section, then "Users", and list all users in the system.

The "prolionadmin" user does not appear in the list, so its password cannot be changed and the account cannot be deactivated, even from another administrative account.
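The two conditions described above (an account that exists in the user table but is absent from the management UI, and a password shared with other accounts or guessable from a wordlist) can be checked mechanically once the user table is available. The following audit script is an example added by the editor; it is not ProLion's code and does not use the CryptoSpike API. The table layout, the unsalted SHA-256 password storage, the wordlist and every sample username, password and hash are constructed assumptions for illustration; the real password behind this CVE is not disclosed on this page.

```python
"""Audit a user table for the two findings behind CVE-2023-36651:
accounts that can log in but are missing from the management UI, and
accounts whose password is shared with another account or appears in a wordlist.

Example code added by the editor; not ProLion's code. The table layout, the
SHA-256 hashing and all sample rows, passwords and hashes are constructed.
"""
import hashlib
from collections import defaultdict


def sha256(s: str) -> str:
    """Assumed (constructed) password storage format: unsalted SHA-256 hex."""
    return hashlib.sha256(s.encode()).hexdigest()


# Constructed sample rows of a system-users table: username, role, active flag, password hash
DB_USERS = [
    {"username": "admin",        "role": "super-admin", "active": True, "pw_hash": sha256("Welcome1")},
    {"username": "operator",     "role": "operator",    "active": True, "pw_hash": sha256("Summer2023")},
    {"username": "prolionadmin", "role": "super-admin", "active": True, "pw_hash": sha256("Welcome1")},
]

# Constructed: the usernames the "User Management" -> "Users" page displays
UI_USERS = ["admin", "operator"]

# Constructed mini wordlist standing in for a real dictionary
WORDLIST = ["password", "admin", "Welcome1", "Summer2023", "changeme"]


def hidden_accounts(db_users, ui_users):
    """Active accounts present in the table but not listed in the UI.
    Such accounts cannot be disabled or re-passworded by an administrator."""
    shown = set(ui_users)
    return sorted(u["username"] for u in db_users if u["active"] and u["username"] not in shown)


def shared_passwords(db_users):
    """Groups of accounts whose stored hashes are identical (possible only with an
    unsalted store, which is itself a weakness worth reporting)."""
    by_hash = defaultdict(list)
    for u in db_users:
        by_hash[u["pw_hash"]].append(u["username"])
    return [sorted(names) for names in by_hash.values() if len(names) > 1]


def dictionary_hits(db_users, wordlist):
    """Map username -> wordlist entry for every account whose hash matches a guess."""
    lookup = {sha256(w): w for w in wordlist}
    return {u["username"]: lookup[u["pw_hash"]] for u in db_users if u["pw_hash"] in lookup}


def audit(db_users, ui_users, wordlist):
    """Collect all findings as human-readable lines."""
    findings = []
    for name in hidden_accounts(db_users, ui_users):
        findings.append(f"HIDDEN ACCOUNT: '{name}' can log in but is not listed in the UI")
    for group in shared_passwords(db_users):
        findings.append("SHARED PASSWORD: " + ", ".join(group))
    for name, word in dictionary_hits(db_users, wordlist).items():
        findings.append(f"WEAK PASSWORD: '{name}' matches wordlist entry '{word}'")
    return findings


if __name__ == "__main__":
    for line in audit(DB_USERS, UI_USERS, WORDLIST):
        print(line)
```

Against the constructed sample the script reports the hidden super-admin, the shared hash between it and the visible administrator, and the dictionary matches. In a real assessment the table would come from a database export and the UI list from the management interface; the comparison itself does not depend on the product.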
