Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2023-37266Improper Authentication in Casaos

CWE-287Improper AuthenticationCWE-1391Use of Weak Credentials5 documents4 sources
Severity
9.8CRITICALNVD
EPSS
89.2%
top 0.46%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Icewhaletech CasaosGithub.com Icewhaletech CasaosIcewhale Casaos
Timeline
PublishedJul 17
Latest updateAug 20

Description

CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as `root` on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit `705bf1f`. This patch is part of CasaOS 0.4.4. Users should upgrade to CasaOS 0.4.4. If they can't, they should temporarily restrict access to CasaOS to untrusted users, for instance by not exposing it publicly

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

NVDicewhale/casaos< 0.4.4
CVEListV5icewhaletech/casaos< 0.4.4

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
OSV
CasaOS contains weak JWT secrets in github.com/IceWhaleTech/CasaOS2024-08-20
GHSA
CasaOS contains weak JWT secrets2023-07-17
OSV
CasaOS contains weak JWT secrets2023-07-17

💥Exploits & PoCs

1
Nuclei
CasaOS < 0.4.4 - Authentication Bypass via Random JWT Token