CVE-2023-32117
published 2024-12-09


Priority: P1 80 critical
CVSS 3.1: 9.8 (AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H)
Tags: ITW, EXPLOIT, VulnCheck KEV
Exploited in the wild
EPSS: 6.28% (92.7th percentile)

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Integrate Google Drive: from n/a through 1.1.99.

Affected (1 range)

Vendor    Product                   Version range    Fixed in
softlab   integrate_google_drive    n/a – 1.1.99

Detection & IOCs (extracted from sources)

url: /wp-json/igd/v1/get-users-data
path: /wp-content/plugins/integrate-google-drive/
  • Detect exploitation attempts by monitoring POST requests to the unauthenticated REST API endpoint /wp-json/igd/v1/get-users-data; a successful exploit returns a JSON body containing 'username', 'name', 'email', and 'role' fields with HTTP 200 and Content-Type application/json.
  • Presence of the plugin path /wp-content/plugins/integrate-google-drive/ on a WordPress site indicates a potentially vulnerable installation (versions up to and including 1.1.99).
  • Unauthenticated POST requests to multiple REST API endpoints (no capability check) allow file moving, folder creation, and data copying — monitor for unauthenticated REST API calls to /wp-json/igd/ routes.
  • The vulnerability affects Integrate Google Drive plugin versions up to and including 1.1.99; version 1.2.0 contains the fix. Detections should be scoped to sites running versions <= 1.1.99.
  • The missing authorization affects several REST API endpoints, not just /wp-json/igd/v1/get-users-data — broaden detection coverage to all /wp-json/igd/v1/ routes.
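
One way to apply the monitoring guidance above to web server access logs (an added example, not taken from the page's sources): it flags POST requests to any /igd/v1/ REST route, including WordPress's rest_route query form, and marks the ones answered with HTTP 200. The Combined Log Format layout and the sample lines are assumptions; an access log does not record whether the caller was authenticated, so hits are candidates to review on sites running versions <= 1.1.99.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Route prefix named on the page; all /igd/v1/ routes are in scope.
IGD_PREFIX = "/igd/v1/"
# Assumed log layout: Combined Log Format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Dec/2024:08:15:01 +0000] "POST /wp-json/igd/v1/get-users-data HTTP/1.1" 200 512 "-" "-"',
    '192.0.2.10 - - [10/Dec/2024:08:15:02 +0000] "GET /wp-json/igd/v1/get-users-data HTTP/1.1" 404 120 "-" "-"',
    '198.51.100.7 - - [10/Dec/2024:08:16:40 +0000] "POST /?rest_route=%2Figd%2Fv1%2Fget-users-data HTTP/1.1" 401 98 "-" "-"',
    '203.0.113.5 - - [10/Dec/2024:08:17:05 +0000] "POST /wp-json/wp/v2/posts HTTP/1.1" 401 98 "-" "-"',
]

def igd_route(target):
    """Return the /igd/v1/... route a request target addresses, or None."""
    parts = urlsplit(target)
    path = re.sub(r"/{2,}", "/", parts.path)  # collapse duplicate slashes
    idx = path.find("/wp-json" + IGD_PREFIX)  # also matches subdirectory installs
    if idx != -1:
        return path[idx + len("/wp-json"):]
    # WordPress also serves REST routes via the rest_route query parameter;
    # parse_qs percent-decodes the value before the prefix check.
    for value in parse_qs(parts.query).get("rest_route", []):
        if value.startswith(IGD_PREFIX):
            return value
    return None

def scan(lines):
    """Return one finding per POST request to an /igd/v1/ route."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        route = igd_route(m["target"])
        if route is not None:
            status = int(m["status"])
            findings.append({"ip": m["ip"], "time": m["ts"], "route": route,
                             "status": status, "served": status == 200})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A finding with served set to True corresponds to the HTTP 200 case described above and is the first to triage; confirming the JSON response fields requires response-body capture, which an access log does not provide.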

CVSS provenance

Source      Version   Score   Severity   Vector
nvd         v3.1      9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck             9.8     CRITICAL