Global Domains International Local File Inclusion Scanner
Detects 'Local File Inclusion (LFI)' vulnerability in Global Domains International.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 week 6 hours
Scan only one
URL
Toolbox
-
Global Domains International provides domain registration and related Internet services. It is used by businesses and individuals to secure web domains and manage online presence. The platform offers various plans and features, making domain management accessible globally. Its services facilitate the establishment of professional online identities. Common users include small businesses, entrepreneurs, and web developers. Its infrastructure supports a wide array of extensions, contributing to its widespread adoption.
Local File Inclusion (LFI) is a vulnerability where an attacker can include files on a server through the web browser. This vulnerability commonly occurs when a web application includes a file based on user input without proper validation. Attackers exploit this weakness to access sensitive files or execute arbitrary code. LFI can compromise the confidentiality and integrity of the application and its data. It often serves as a stepping stone for other attacks, such as Remote Code Execution (RCE). Timely detection and patching are vital to mitigate the threat.
In this case, the vulnerability involves the endpoint `/kvmlm2/index.dhtml` and utilizes parameters like `language` which can be manipulated to include local files unsafely. The GET request is crafted to traverse directories and access sensitive system files. The inclusion of `../../../../../../../../../../etc/passwd%00.jpg` attempts to read the system's password file, indicating directory traversal and file inclusion. Input validation flaws in the parameter allow for this unwanted behaviour. Detection relies on identifying key indicators like the presence of the "root" user details in the response.
Exploiting this vulnerability can lead to unauthorized access to sensitive files on the server. It can allow attackers to gather information for further attacks. Sensitive data exposure and unauthorized actions can compromise system integrity. The vulnerability can be exploited without user interaction, increasing its potential impact. LFI can facilitate unauthorized actions, escalating the risks posed to the infrastructure. Prompt remediation is necessary to prevent exploitation.
REFERENCES
