Wazuh Dashboard - Information Disclosure

CVE: CVE-2020-13932
Category: CWE-77
Price: N/A
Severity: High
Author: Unknown
Risk: High
Exploitation Type: Remote
Date: 2024-03-30
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024030071

Below is a copy:

# Exploit Title: Wazuh Dashboard - Information Disclosure
# Date: 3/30/2024
# Exploit Author: parsa rezaie khiabanloo
# Vendor Homepage: Wazuh (https://wazuh.com/)
# Version: 4.4.2
# Tested on: Linux/Windows Firefox

Step 1 : Open Inspect Element in the browser and go to the Network tab.

Step 2 : Log in to your account on the dashboard.

As you can see, we can now watch which requests the dashboard is sending.

Step 3 : In the Network tab, the attacker filters on XHR and looks at each request; each of them gives the attacker useful information, but it is in the response.

Step 4 : In the response of the configuration request you can see the username for the Wazuh dashboard and the Wazuh manager API, for example:

{
  "statusCode": 200,
  "error": 0,
  "data": {
    "hosts": [
      {
        "default": {
          "url": "https://192.168.113.50",
          "port": 55000,
          "username": "wazuh-wui",
          "password": "*****",
          "run_as": false
        }
      }
    ]
  }
}

Step 5 : The attacker has now found the IP address of the master server and the username of the API.

Step 6 : The attacker can scan the server with Nessus to find its vulnerabilities, or brute-force the server to gain access.
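To check what the host-configuration response actually hands to a logged-in browser session, the following audit is an added example (it is not part of the advisory and not Wazuh code): it parses a captured response body and reports which manager-locator fields are disclosed and whether any secret field comes back unmasked. The sample body is constructed from the flattened output above; its exact JSON layout is an assumption.

```python
import json

# Constructed sample: the Step 4 response body, reconstructed from the
# devtools view on this page. The JSON layout is an assumption.
SAMPLE_RESPONSE = """
{
  "statusCode": 200,
  "error": 0,
  "data": {
    "hosts": [
      {"default": {"url": "https://192.168.113.50", "port": 55000,
                   "username": "wazuh-wui", "password": "*****",
                   "run_as": false}}
    ]
  }
}
"""

# Fields that must never reach the browser in clear text, and fields whose
# presence alone tells a dashboard user where the manager API lives.
SECRET_FIELDS = {"password", "token", "secret"}
LOCATOR_FIELDS = {"url", "port", "username"}


def is_masked(value):
    """A secret counts as masked only if it is empty or made solely of '*'."""
    return isinstance(value, str) and (value == "" or set(value) == {"*"})


def audit_hosts_response(body):
    """Walk every configured host entry and report what a client can learn.

    Returns {"disclosed": {host_id: [locator fields present]},
             "unmasked": [(host_id, secret field returned in clear text)]}.
    """
    data = json.loads(body)
    report = {"disclosed": {}, "unmasked": []}
    for entry in data.get("data", {}).get("hosts", []):
        for host_id, cfg in entry.items():
            report["disclosed"][host_id] = sorted(
                f for f in LOCATOR_FIELDS if f in cfg)
            for field in sorted(SECRET_FIELDS.intersection(cfg)):
                if not is_masked(cfg[field]):
                    report["unmasked"].append((host_id, field))
    return report


if __name__ == "__main__":
    print(json.dumps(audit_hosts_response(SAMPLE_RESPONSE), indent=2))
```

On the sample above the audit reports url, port and username as disclosed for the "default" host and no unmasked secrets; a response that returned the password in clear text would be listed under "unmasked".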

Copyright ©2024 Exploitalert.