Sitecore 9.3 - Webroot File Read

What is "Sitecore 9.3 - Webroot File Read"?

The "Sitecore 9.3 - Webroot File Read" module is designed to detect a specific vulnerability in the Sitecore 9.3 software. This vulnerability allows an attacker to read sensitive files from the webroot directory, potentially exposing sensitive information. The severity of this vulnerability is classified as high.

This module was authored by DhiyaneshDK.

Impact

If successfully exploited, this vulnerability could lead to the exposure of sensitive files, such as configuration files or user data, which could be used by an attacker to gain unauthorized access or perform further attacks.

How does the module work?

The "Sitecore 9.3 - Webroot File Read" module works by sending a specific HTTP request to the target Sitecore instance. The request path is "/api/sitecore/Sitecore.Mvc.DeviceSimulator.Controllers.SimulatorController,Sitecore.Mvc.DeviceSimulator.dll/Preview?previewPath=/App_Data/license.xml" and the method is "GET".

The module includes two matching conditions:

- The first condition checks the response body for the presence of the "If both matching conditions are met, the module reports a vulnerability.

Reference:

- https://blog.assetnote.io/2023/05/10/sitecore-round-two/

Metadata:

max-request: 1

verified: true

shodan-query: title:"Sitecore"