CVE-2024-46310 Scanner

FXServer is a popular platform used by gaming communities to create multiplayer servers for games like CFX.re FiveM. It is especially favored by gamers who want to run dedicated servers with enhanced controls and customization. The software is typically used by individuals and organizations who manage communities in gaming environments. Its primary function is to host gaming servers that facilitate multiplayer interactions. This platform allows users to set up, configure, and manage their own game servers, offering tools and features to handle server operations efficiently. Due to its open nature, FXServer is also known for its rich customization capabilities, making it a preferred choice among game server owners.

An Information Disclosure vulnerability in FXServer allows attackers to access sensitive information through improper access controls. This issue exists in versions of FXServer prior to v9601 and is a result of exposed API endpoints. The vulnerability allows unauthenticated users to read and modify user data, which can pose significant security risks. These risks arise because confidential information such as player identifiers and other sensitive data may be exposed. Attackers exploiting this vulnerability can gain unauthorized access to user data, leading to potential further attacks and privacy breaches. The exposure of such information can make systems vulnerable to a range of security issues.

The vulnerability is found in one of FXServer's API endpoints that fails to adequately restrict unauthorized access. This specific endpoint allows for reading user data without proper authentication checks. The vulnerable endpoint is "/players.json", which can be queried by sending a GET request. The server responds with user data, including fields such as "endpoint", "id", "identifiers", "name", and "ping". With a status code of 200, this response confirms the presence of information disclosure. This flaw allows attackers to read and potentially modify sensitive information that should otherwise be protected.

Exploiting this vulnerability can lead to severe implications for affected systems. Attackers can access sensitive user information, leading to privacy violations and potential misuse of data. Unauthorized modifications to user data could disrupt server operations and negatively impact user experience. Server administrators may face reputational damage and loss of trust among users if such vulnerabilities are exploited. Additionally, once attackers gain sensitive data, they may use it for further attacks, escalating the security threat. Therefore, prompt remediation and securing the vulnerable API endpoint is crucial to prevent data breaches and unauthorized access.

REFERENCES

• https://github.com/UwUtisum/CVE-2024-46310
• https://vulmon.com/vulnerabilitydetails?qid=CVE-2024-46310
• https://vulners.com/githubexploit/D31ED8EC-1E21-54F9-AD42-778DAFBC8B4E