CVE-2009-4367

Sitecore Staging Module <5.4.0 - Auth Bypass


Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-4367. PoCs published by L. Weichselbaum.

AI-analyzed exploit summary: This advisory details an authentication bypass vulnerability in Sitecore Staging Module, allowing arbitrary file upload, download, directory listing, and cache clearing via the Staging Webservice. The exploit leverages improper authentication checks in SOAP requests to the API endpoint.

Description

The Staging Webservice ("sitecore modules/staging/service/api.asmx") in Sitecore Staging Module 5.4.0 rev.080625 and earlier allows remote attackers to bypass authentication and (1) upload files, (2) download files, (3) list directories, and (4) clear the server cache via crafted SOAP requests with arbitrary Username and Password values, possibly related to a direct request.

Exploits (1)

exploitdb WRITEUP VERIFIED
by L. Weichselbaum · text · webapps · windows
https://www.exploit-db.com/exploits/10513

Classification: Writeup 100%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: Sitecore Staging Module <= 5.4.0 rev.080625
No auth needed
Prerequisites: Access to the Staging Webservice endpoint · Network connectivity to the target server
devstral-2 · analyzed Feb 16, 2026

References (7)

Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/10513
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/37763
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/508529/100/0/threaded
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37388
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/61147
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54881

Scores

EPSS 0.0672
EPSS Percentile 91.4%

Details

CWE CWE-287
Status published
Products (1)
sitecore/staging_module < 5.4.0
Published Dec 21, 2009
Tracked Since Feb 18, 2026