CVE-2005-0316
WebWasher Classic 2.2.1 and 3.3 - Unauthenticated Access Restriction Bypass via CONNECT Request
Exploitation Summary
EIP tracks 1 public exploit for CVE-2005-0316. PoCs published by Oliver Karow.
AI-analyzed exploit summary
This exploit demonstrates a weakness in WebWasher Classic that allows remote attackers to bypass access controls and connect to arbitrary ports on the vulnerable system via the CONNECT method. The PoC uses netcat to listen on a local port and then connects through the WebWasher proxy to retrieve the content of a file.
Description
WebWasher Classic 2.2.1 and 3.3, when running in server mode, does not properly drop CONNECT requests to the localhost from external systems, which could allow remote attackers to bypass intended access restrictions.