diff --git a/src/content/pentests/DG25-11.md b/src/content/pentests/DG25-11.md index 6f5ad4e..db59e94 100644 --- a/src/content/pentests/DG25-11.md +++ b/src/content/pentests/DG25-11.md @@ -3,7 +3,7 @@ title: "DG25-11: Improper handling of user-provided input leads to panic" severity: Info cvss_string: "/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1552 - +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-14.md b/src/content/pentests/DG25-14.md index dd1cae9..98ce46b 100644 --- a/src/content/pentests/DG25-14.md +++ b/src/content/pentests/DG25-14.md @@ -4,6 +4,7 @@ cvss_score: 6.0 severity: Low cvss_string: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1558 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-20.md b/src/content/pentests/DG25-20.md index 81f9c55..446239d 100644 --- a/src/content/pentests/DG25-20.md +++ b/src/content/pentests/DG25-20.md @@ -4,6 +4,7 @@ severity: Low cvss_score: 5.3 cvss_string: "/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1555 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-24.md b/src/content/pentests/DG25-24.md index 59186bf..c941988 100644 --- a/src/content/pentests/DG25-24.md +++ b/src/content/pentests/DG25-24.md @@ -4,6 +4,7 @@ cvss_score: severity: Info cvss_string: "/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1550 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-25.md b/src/content/pentests/DG25-25.md index 6a8e6f4..cd0ced6 100644 --- a/src/content/pentests/DG25-25.md +++ b/src/content/pentests/DG25-25.md @@ -4,6 +4,7 @@ severity: Low cvss_score: 4.3 cvss_string: "/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1554 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-27.md b/src/content/pentests/DG25-27.md index f2b33a3..7c8fcd8 100644 --- a/src/content/pentests/DG25-27.md +++ b/src/content/pentests/DG25-27.md @@ -7,6 +7,10 @@ issue_link: https://github.com/DefGuard/client/issues/551 status: In Progress --- +#### Detailed status + +Issue fixed for Linux and MacOS. In progress for Windows. + ### Technical details Defguard Desktop Client package installs a privileged system service and diff --git a/src/content/pentests/DG25-28.md b/src/content/pentests/DG25-28.md index 5022a10..6a695fd 100644 --- a/src/content/pentests/DG25-28.md +++ b/src/content/pentests/DG25-28.md @@ -4,6 +4,7 @@ severity: Low cvss_score: 3.3 cvss_string: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" issue_link: https://github.com/DefGuard/client/issues/563 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-29.md b/src/content/pentests/DG25-29.md index 9511015..18c1f2c 100644 --- a/src/content/pentests/DG25-29.md +++ b/src/content/pentests/DG25-29.md @@ -4,6 +4,7 @@ severity: Info cvss_score: 3.3 cvss_string: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1545 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-30.md b/src/content/pentests/DG25-30.md deleted file mode 100644 index 90ed53d..0000000 --- a/src/content/pentests/DG25-30.md +++ /dev/null @@ -1,114 +0,0 @@ ---- -title: "DG25-30: [desktop_client] Summary" -severity: Info -issue_link: https://github.com/DefGuard/defguard/issues/1556 ---- - -### Summary - -The analysis revealed three weaknesses, verified some theses and -rejected others that do not apply to the application's use cases.The -most serious vulnerability allows a user (or process) with low -privileges to manage WireGuard interfaces. - -#### Dependencies - -Node audit reports three public-known vulnerabilities detected in -dependencies of the repository.The possibility of exploiting these -vulnerabilities in the application has not been confirmed.Security best -practices require monitoring and updating project dependencies. - -**Moderate** -*esbuild enables any website to send any requests to the development server and read the response.* - -- **Package:** esbuild -- **Vulnerable versions:** <= 0.24.2 -- **Patched versions:** >= 0.25.0 -- **Paths:** > vite > esbuild -- **More info:** https://github.com/advisories/GHSA-67mh-4wv8-2f99 - -**Low** -*brace-expansion Regular Expression Denial of Service vulnerability* - -- **Package:** brace-expansion -- **Vulnerable versions:** >= 1.0.0 <= 1.1.11 -- **Patched versions:** >= 1.1.12 -- **Paths:** > eslint > minimatch > brace-expansion -- **More info:** https://github.com/advisories/GHSA-v6h2-p8h4-qcjw - -**Low** -*brace-expansion Regular Expression Denial of Service vulnerability* - -- **Package:** brace-expansion -- **Vulnerable versions:** >= 2.0.0 <= 2.0.1 -- **Patched versions:** >= 2.0.2 -- **Paths:** > @svgr/cli > glob > minimatch > brace-expansion -- **More info:** https://github.com/advisories/GHSA-v6h2-p8h4-qcjw - -#### OS's native tools and libraries - -The application depends on the tools and libraries of the operating -system. - -First of all, the official WireGuard client is required for all -supporting operating systems. - -- https://www.wireguard.com/install/. - -Application for the Linux requires additional the resolvconf and the ip -tools.Application for the MacOS requires additional the networksetup -tool. - -Finally, the appropriate web engine is required for each operating -system. - -In some cases, the application may not work due to unmet -dependencies.![](/images/pentest/DG25/img11.png){width="43.075483377077866in" -height="2.2417125984251967in"} - -All of the mentioned components do not belong to the application -project, so the user is responsible for installing them and maintaining -security updates. - -There is another potential risk associated with the use of external -tools.If a malicious user finds a way to modify the PATH environment -variable of the Defguard service, then privilege escalation becomes very -easy. - -#### Web renderer - -The user interface is built using web technologies, which introduces the -risk of security vulnerabilities known to the frontend.Analysis showed -that developers follow good practices and the application does not load -remote resources at runtime, so the risk is limited. - -#### Local port of the gRPC service - -Service listening on a local port and expecting HTTP requests can be -targeted from a web browser.In the worst scenario, visiting a dangerous -site may result in the successful exploitation. - -This attack vector does not apply to the gRPC service for two reasons: - -1. The gRPC uses HTTP2 features that are beyond the control of the - JavaScript. - -2. The gRPC service does not return a valid CORS response, so the web - browser abandons further requests. - -However, in the case of the Defgurad Desktop Client, the gRPC service -listening on local port (127.0.0.1:54127) introduces a LPE/EoP -vulnerability. - -#### Recommendations - -The main recommendation is to fix the reported vulnerabilities. - -Mnimizing dependencies will reduce the risk associated with their -confirmed and potential vulnerabilities.Eliminating dependence on system -components could improve application reliability and also eliminate the -potential risk associated with modifying the PATH environment variable. - -The application uses default TLS/SSL verification when connecting to the -Defguard server.Introducing support for custom CA and certificate -pinning would raise the security level. diff --git a/src/content/pentests/DG25-31.md b/src/content/pentests/DG25-31.md index c39d139..8f30c87 100644 --- a/src/content/pentests/DG25-31.md +++ b/src/content/pentests/DG25-31.md @@ -3,6 +3,7 @@ title: "DG25-31: Some users might be blocked from accessing defguard via OpenID" severity: Info cvss_string: "/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1549 +status: Completed --- ### Technical details diff --git a/src/content/pentests/DG25-32.md b/src/content/pentests/DG25-32.md index d461787..b49600d 100644 --- a/src/content/pentests/DG25-32.md +++ b/src/content/pentests/DG25-32.md @@ -4,6 +4,7 @@ severity: Low cvss_score: 2.7 cvss_string: "/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" issue_link: https://github.com/DefGuard/defguard/issues/1560 +status: Completed --- ### Technical details diff --git a/src/pages/security.astro b/src/pages/security.astro index fb537b1..397d3d6 100644 --- a/src/pages/security.astro +++ b/src/pages/security.astro @@ -44,6 +44,10 @@ const tags = [ trustedBy={false} title="Our Security Approach" description="Building a secure software is a mindset. Features, great UI, and easy deployment are often things that draw users to the software, but when building software in the cybersecurity space, the approach to security should be what tips the scales of choice. Here is ours." + buttons={[ + { name: "Pentesting Security Report", link: "/pentesting/" }, + { name: "Vulnerability Disclosure Process", link: "#VDP" } + ]} />