Sitecore 9.3 - Webroot File Read

By kannthu

Severity: High
Vidoc Module
Tags: #sitecore #lfi
Description

What is "Sitecore 9.3 - Webroot File Read"?

The "Sitecore 9.3 - Webroot File Read" module is designed to detect a specific vulnerability in the Sitecore 9.3 software. This vulnerability allows an attacker to read sensitive files from the webroot directory, potentially exposing sensitive information. The severity of this vulnerability is classified as high.

This module was authored by DhiyaneshDK.

Impact

If successfully exploited, this vulnerability could lead to the exposure of sensitive files, such as configuration files or user data, which could be used by an attacker to gain unauthorized access or perform further attacks.

How does the module work?

The "Sitecore 9.3 - Webroot File Read" module works by sending a specific HTTP request to the target Sitecore instance. The request path is "/api/sitecore/Sitecore.Mvc.DeviceSimulator.Controllers.SimulatorController,Sitecore.Mvc.DeviceSimulator.dll/Preview?previewPath=/App_Data/license.xml" and the method is "GET".

The module includes two matching conditions:

- The first condition checks the response body for the presence of the strings "<signedlicense id=" and "<Signature".
- The second condition checks that the HTTP status code of the response is 200.

If both matching conditions are met, the module reports a vulnerability.
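As an added example (not part of the Vidoc module or of Sitecore itself), the Python below flags requests to the SimulatorController Preview action in IIS W3C-style logs, so a defender can spot probing or exploitation of this file read from the server side. The field layout, IP addresses and log lines are constructed; the controller path and previewPath parameter are the ones given above.

```python
# Added example: detect hits on the Sitecore DeviceSimulator Preview endpoint
# in IIS W3C logs (field layout below is assumed for this example).
from dataclasses import dataclass
from urllib.parse import unquote

# Constructed log lines; FIELDS mirrors the #Fields directive of the sample.
FIELDS = ["date", "time", "cs-method", "cs-uri-stem", "cs-uri-query", "c-ip", "sc-status"]
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2023-05-11 10:01:02 GET /sitecore/shell/default.aspx - 203.0.113.5 200
2023-05-11 10:01:09 GET /api/sitecore/Sitecore.Mvc.DeviceSimulator.Controllers.SimulatorController,Sitecore.Mvc.DeviceSimulator.dll/Preview previewPath=/App_Data/license.xml 198.51.100.7 200
2023-05-11 10:01:10 GET /api/sitecore/sitecore.mvc.devicesimulator.controllers.simulatorcontroller,sitecore.mvc.devicesimulator.dll/preview previewPath=%2FApp_Data%2Flicense.xml 198.51.100.7 404
2023-05-11 10:02:00 GET /api/sitecore/Some.Other.Controller,Some.dll/Preview previewPath=/x 192.0.2.9 200
"""

CONTROLLER = "sitecore.mvc.devicesimulator.controllers.simulatorcontroller"

@dataclass
class Finding:
    client_ip: str
    requested_file: str   # decoded previewPath value the client asked for
    status: int
    succeeded: bool       # True on HTTP 200, i.e. the file was most likely returned

def parse_w3c(text):
    """Yield one dict per data line, mapping FIELDS to values; '#' directives are skipped."""
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        parts = line.split(" ", len(FIELDS) - 1)
        if len(parts) == len(FIELDS):
            yield dict(zip(FIELDS, parts))

def detect_simulator_preview(text):
    """Return a Finding for each request to the SimulatorController Preview action
    carrying a previewPath parameter, regardless of path case or URL encoding."""
    findings = []
    for rec in parse_w3c(text):
        stem = unquote(rec["cs-uri-stem"]).lower()
        if CONTROLLER not in stem or not stem.endswith("/preview"):
            continue
        query = unquote(rec["cs-uri-query"])          # "-" means no query string
        params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
        if "previewPath" not in params:
            continue
        status = int(rec["sc-status"])
        findings.append(Finding(rec["c-ip"], params["previewPath"], status, status == 200))
    return findings
```

A 200 on this endpoint with a previewPath pointing into App_Data is the server-side counterpart of the module's match and should be treated as a likely successful read rather than a mere probe.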

Reference:

- https://blog.assetnote.io/2023/05/10/sitecore-round-two/

Metadata:

max-request: 1

verified: true

shodan-query: title:"Sitecore"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /api/sitecore/Siteco...
Matching conditions
word: <signedlicense id=, <Signature (condition: and)
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability