CVE-2021-26292 Scanner
Detects 'Full Path Disclosure' vulnerability in AfterLogic Aurora & WebMail Pro affects v. < 7.7.9.
Short Info
Level
Low
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Time Interval
780 sec
Scan only one
Domain, Ipv4
Toolbox
-
AfterLogic Aurora and WebMail Pro are advanced email, calendar, and contacts software solutions designed for personal and corporate use. They offer a rich webmail interface, integrated web administration panel, and complete suite of collaboration tools. These products are utilized by businesses and individuals seeking efficient and flexible webmail solutions. Aurora and WebMail Pro support both private and cloud hosting, providing users with access to their email and collaboration tools from anywhere. Their versatility and ease of use make them popular choices for users looking for reliable webmail and collaboration platforms.
The vulnerability stems from the WebDAV endpoint's handling of DELETE requests. When an attacker uses the 'caldav_public_user@localhost' username and its predefined password 'caldav_public_user' in a DELETE request for a non-existent file, the server responds with an error message that includes the web root path. This behavior inadvertently discloses critical system information. The issue is specific to versions of AfterLogic Aurora and WebMail Pro before 7.7.9. The simplicity of the exploit, requiring only basic authorization credentials, underscores the need for rigorous input validation and error handling within web applications.
The primary risk associated with this vulnerability is informational disclosure. By obtaining the server's web root path, an attacker gains insights into the server's directory structure, potentially facilitating further attacks, such as directory traversal or targeted exploitation of server-side files. Although this vulnerability alone does not grant unauthorized access or control, it could be a stepping stone in a multi-stage attack, increasing the overall risk to the affected systems.
The S4E platform provides a proactive approach to identifying vulnerabilities like CVE-2021-26292 in your digital environment. Our cutting-edge scanning technology helps uncover potential security weaknesses, offering detailed reports and remediation strategies. Membership on our platform ensures continuous surveillance of your web assets against a broad spectrum of security threats, allowing you to address vulnerabilities before they can be exploited. Enhance your cyber defense posture with S4E and safeguard your digital assets against emerging threats.
References