CVE-2018-9161
published 2018-03-31CVE-2018-9161: Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading…
PriorityP279critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
58.53%
99.0th percentile
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| prismaindustriale | checkweigher_prismaweb | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →HTTP GET request to /user/scripts/login_par.js returning HTTP 200 with body containing both 'txtChkUser' and 'txtChkPassword' strings indicates exposed hardcoded credentials. ↗
- →The hardcoded credential for account 'prismaweb' (password: 'prisma') is stored in /user/scripts/login_par.js and is accessible without authentication. ↗
- ·Vulnerability is confirmed only on PrismaWEB version 1.21; other versions may or may not be affected. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Werewolf Online 0.8.8 - Information Disclosure
exploitdb·2018-05-27·CVSS 7.5
CVE-2018-11505 [HIGH] Werewolf Online 0.8.8 - Information Disclosure
Werewolf Online 0.8.8 - Information Disclosure
---
# Exploit Title: Werewolf Online 0.8.8 - Insecure Logging
# Date: 2018-05-24
# Software Link:
https://play.google.com/store/apps/details?id=com.werewolfapps.online
# Download Link:
https://apkpure.com/werewolf-online-unreleased/com.werewolfapps.online/download?from=details
# Exploit Author: ManhNho
# Version: 0.8.8 Android App
# CVE: CVE-2018-11505
# Category: Mobile Apps
# Tested on: Android 4.4
---Description---
Many developers log information to the android log. Sometimes sensitive
data as well.
With output of logcat, Hacker can get "Firebase token" which used in PUT
request to /players/meAndCheckAppVersion
---PoC---
root@vbox86p:/ # ps | grep 'were'
u0_a72 9161 205 810364 172268 ffffffff b765ea23 S
com.werewolfapps.online
root@vb
Nuclei
PrismaWEB - Credentials Disclosure
nuclei·CVSS 9.8
CVE-2018-9161 [CRITICAL] PrismaWEB - Credentials Disclosure
PrismaWEB - Credentials Disclosure
PrismaWEB is susceptible to credential disclosure. The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authentication of PrismaWEB with administrator privileges. The credentials can be disclosed by simply navigating to the login_par.js JavaScript page that holds the username and password for the management interface that are being used via the Login() function in /scripts/functions_cookie.js script.
Template:
id: CVE-2018-9161
info:
name: PrismaWEB - Credentials Disclosure
author: gy741
severity: critical
description: PrismaWEB is susceptible to credential disclosure. The vulnerability exists due to the disclosure of hard-coded credentials allowing an attacker to effectively bypass authen
No writeups or analysis indexed.
2018-03-31
Published