Vulnerability Spotlight: Lansweeper directory traversal and cross-site scripting vulnerabilities

Thursday, December 1, 2022 10:12

Marcin ‘Icewall’ Noga of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered several directory traversal and cross-site scripting vulnerabilities in Lansweeper.

Lansweeper is an IT Asset Management solution that gathers hardware and software information of computers and other devices on a computer network for management, compliance and audit purposes.

Talos has identified two directory traversal vulnerabilities that can lead to arbitrary file upload: TALOS-2022-1528 (CVE-2022-32573) and TALOS-2022-1529 (CVE-2022-29517). Two other vulnerabilities exist where directory traversal can lead to arbitrary file read: TALOS-2022-1530 (CVE-2022-29511) and TALOS-2022-1531 (CVE-2022-27498). An attacker can send an HTTP request to trigger these vulnerabilities.

Both TALOS-2022-1532 (CVE-2022-28703) and TALOS-2022-1541 (CVE-2022-32763) are cross-site scripting sanitation bypass vulnerabilities which can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities as well.

Cisco Talos worked with Lansweeper to ensure that these issues were resolved and an update is available for affected customers, all in adherence to Cisco’s vulnerability disclosure policy.

Users are encouraged to update this affected product as soon as possible: Lansweeper 10.1.1.0. Talos tested and confirmed this version of Lansweeper could be exploited by these vulnerabilities.

The following Snort rules will detect exploitation attempts against these vulnerabilities: 59990-59992, 59999-60000, 60001-60002, 60054-60056, 60142-60144 and 60219. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.