Product detail

Affected product: Kodbox
Affected version: 1.46
Affected component: /?user/index/loginSubmit

Kodbox <= 1.46 has a user enumeration flaw in '/?user/index/loginSubmit'. The login page returns a different error message depending on whether the submitted username exists, so an attacker can distinguish valid accounts from invalid ones. Because the login endpoint applies no rate limit, a confirmed username can then be followed up with a password brute-force attack.


Prerequisite

Install Kodbox from the official Kodbox GitHub repository (GitHub page)


Kodbox version 1.46 released on Nov 9


Installed Kodbox version 1.46



Exploitation

1. Try to log in with each username from a wordlist. For a non-existent username, the popup reads "User does not exist".



2. For an existing username, the popup reads "Wrong password". At this point Burp Intruder can be used to run a brute-force attack against the confirmed username.
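From the defender's side, the two steps above leave a recognisable trace: one client address producing "User does not exist" for many different usernames, followed by a burst of "Wrong password" for a single username. The following added example (not part of the advisory or of Kodbox) parses constructed login-audit lines and flags both patterns per source IP. The two message strings are the ones quoted in this advisory; the line format, timestamps, IP addresses, usernames and thresholds are assumptions made for the example, not Kodbox's real log layout.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical "<ts> <ip> POST <path> user=<name> result=<msg>" format.
SAMPLE_LOG = """\
2024-11-20T10:00:01Z 203.0.113.7 POST /?user/index/loginSubmit user=root result="User does not exist"
2024-11-20T10:00:02Z 203.0.113.7 POST /?user/index/loginSubmit user=test result="User does not exist"
2024-11-20T10:00:03Z 203.0.113.7 POST /?user/index/loginSubmit user=guest result="User does not exist"
2024-11-20T10:00:04Z 203.0.113.7 POST /?user/index/loginSubmit user=admin result="Wrong password"
2024-11-20T10:00:05Z 203.0.113.7 POST /?user/index/loginSubmit user=admin result="Wrong password"
2024-11-20T10:00:06Z 203.0.113.7 POST /?user/index/loginSubmit user=admin result="Wrong password"
2024-11-20T10:00:07Z 203.0.113.7 POST /?user/index/loginSubmit user=admin result="Wrong password"
2024-11-20T10:00:08Z 203.0.113.7 POST /?user/index/loginSubmit user=admin result="Wrong password"
2024-11-20T10:01:00Z 198.51.100.2 POST /?user/index/loginSubmit user=alice result="Wrong password"
2024-11-20T10:01:05Z 198.51.100.2 POST /?user/index/loginSubmit user=alice result="Login successful"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) POST /\?user/index/loginSubmit '
    r'user=(?P<user>\S+) result="(?P<result>[^"]*)"$'
)

# Message strings as quoted in the advisory.
MSG_UNKNOWN_USER = "User does not exist"
MSG_WRONG_PASSWORD = "Wrong password"


def parse_login_events(text: str) -> list[dict]:
    """Parse log lines into events; lines that do not match the format are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append(m.groupdict())
    return events


def detect_login_abuse(events: list[dict], enum_threshold: int = 3,
                       brute_threshold: int = 5) -> list[tuple]:
    """Return alerts as (ip, kind, subject, count).

    user_enumeration:     one IP hits MSG_UNKNOWN_USER for >= enum_threshold distinct usernames
    password_brute_force: one IP hits MSG_WRONG_PASSWORD >= brute_threshold times for one username
    """
    unknown_users = defaultdict(set)          # ip -> set of usernames that did not exist
    wrong_pw = defaultdict(lambda: defaultdict(int))  # ip -> username -> failure count

    for ev in events:
        if ev["result"] == MSG_UNKNOWN_USER:
            unknown_users[ev["ip"]].add(ev["user"])
        elif ev["result"] == MSG_WRONG_PASSWORD:
            wrong_pw[ev["ip"]][ev["user"]] += 1

    alerts = []
    for ip, users in unknown_users.items():
        if len(users) >= enum_threshold:
            alerts.append((ip, "user_enumeration", "distinct_unknown_users", len(users)))
    for ip, per_user in wrong_pw.items():
        for user, count in per_user.items():
            if count >= brute_threshold:
                alerts.append((ip, "password_brute_force", user, count))
    return alerts


if __name__ == "__main__":
    for alert in detect_login_abuse(parse_login_events(SAMPLE_LOG)):
        print(alert)
```

Once the application has been fixed to return a single generic failure message, the enumeration signal disappears from the logs by design, so the brute-force rule (many failures for one username from one source) is the one worth keeping long term, alongside server-side rate limiting on the endpoint itself.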