HomeVulnerabilityEnterprises with Kyocera printers open to path traversal assaults

Enterprises with Kyocera printers open to path traversal assaults

Whereas performing penetration testing, nevertheless, a Trustwave researcher was in a position to intercept and modify the entry request utilizing an internet interception proxy (Burp suite) or by sending the request on to the appliance endpoint. This allowed UNC paths to be set as backup areas.

“Trustwave SpiderLab’s Senior Technical Specialist, Jordan Hedges, found an improper enter validation for the “path” parameter accepted by the “/backup-restore-service/config/backup-path” endpoint which handles requests from the UI to set the database backup location,” Trustwave stated in a weblog publish. “He submitted a backup path that may go the UI validation after which intercepted the shopper request post-validation to change the trail parameter worth to a UNC path beneath his management.”

Whereas there is no such thing as a workaround to this vulnerability, Kyocera has rolled out a security replace with a patch that implements a validation perform, that if a path is modified to an invalid path, the invalid path is ignored and the unique legitimate path continues to be utilized.

See also  Cisco patches IOS XE vulnerabilities actively being exploited

The affected gadgets embody those working the unpatched newest model of Kyocera’s Machine Supervisor that helps set up on Home windows Server 2012/2016/2019/2022 and Home windows 10 and Home windows 11.

UNC authentication makes an attempt can enable credential relaying

Trying to set the UNC path for the backup location triggers the system supervisor to provoke authenticating the share by means of NTLM (NT LAN Supervisor) protocols which, relying on a sure system configuration, permits credentials leakage.

Credentials leakage right here refers back to the seize or relay of Energetic Listing hashed credentials if the “Prohibit NTLM: Outgoing NTLM visitors to distant servers” security coverage shouldn’t be enabled, in line with the publish.

- Advertisment -spot_img
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular