Skip to content

Commit

Permalink
[CVE-2021-40875] 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Browse files Browse the repository at this point in the history
  • Loading branch information
sickcodes committed Oct 4, 2021
1 parent 8e0d2ac commit 0762c81
Showing 1 changed file with 5 additions and 4 deletions.
9 changes: 5 additions & 4 deletions advisories/SICK-2021-129.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,9 @@ CVE-2021-40875: Improper Access Control in Gurock TestRail versions 7.2.0.3014 a
CVE-2021-40875

### CVSS Score
Pending
7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

### Internal ID
SICK-2021-129
Expand All @@ -20,20 +22,19 @@ TestRail Test Case Management Software
7.2.0.3014 and below

### Vulnerability Details
Improper access control in the installation artifacts of Gurock TestRail versions 7.2.0.3014 allows a remote unauthenticated attacker to view sensitive SQL import files, some of which contain API keys and a full directory listing of files included in the installation, as well as SQL table names.
Improper Access Control in Gurock TestRail versions < 7.2.0.3014 resulted in sensitive information exposure. A threat actor can access the /files.md5 file on the client side of a Gurock TestRail application, disclosing a full list of application files and the corresponding file paths. The corresponding file paths can be tested, and in some cases, result in the disclosure of hardcoded credentials, API keys, or other sensitive data.

### Vendor Response
Pending

### Proof of Concept


https://github.com/SakuraSamuraii/derailed


```bash
#!/bin/bash
# Author: sickcodes &
# Author: sickcodes
# Contact: https://twitter.com/sickcodes
# Copyright: sickcodes (C) 2021
# License: GPLv3+
Expand Down

0 comments on commit 0762c81

Please sign in to comment.