PhotoPrism Unauthenticated Access Scanner
This scanner detects PhotoPrism instances among your digital assets that are accessible without authentication, a misconfiguration that can expose sensitive user data and photos.
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 17 days 13 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -
The PhotoPrism application is widely utilized for managing personal photo collections. It is a versatile, AI-powered photo app primarily employed by individuals and organizations to organize, protect, and share their photography. The app is commonly used on private servers, offering significant flexibility in managing photo metadata and integrating with cloud storage. Users appreciate its decentralized nature, allowing private management without heavy dependency on third-party services. Professional photographers may use it to organize portfolios, while families find it valuable for personal use. Corporations may also utilize this software for managing large databases of images in a secure environment.
Unauthenticated Access in PhotoPrism allows unauthorized users to access the application without needing to verify their identity. This vulnerability can expose sensitive user data, including personal photos, potentially leading to privacy violations. It is considered a critical security risk and may enable attackers to view, modify, or delete stored images without consent. Such a flaw can occur if access control mechanisms are not properly configured or enforced. The detection of this vulnerability helps highlight potential misconfigurations in authentication protocols. Addressing this issue is crucial to securing the data stored within the PhotoPrism application.
Technically, the Unauthenticated Access vulnerability in PhotoPrism consists of the '/api/v1/config' endpoint being reachable without proper authentication. When improperly secured, this endpoint returns a JSON payload containing sensitive markers such as "mode":"user" and "PhotoPrism". The vulnerability is identified when the server answers with a '200 OK' HTTP status code and a content type of 'application/json', indicating that configuration data was retrieved without authorization. Under these conditions, details such as the operating mode and user-level configuration are visible to unauthenticated clients. Analysts use these criteria to determine whether a PhotoPrism instance is misconfigured and therefore offers an entry point to unauthorized users.
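The following is an added self-assessment example, not the scanner's own code: it applies the detection criteria described above (HTTP 200, a JSON content type, and a body carrying "mode":"user" together with "PhotoPrism") to a response captured from your own instance's '/api/v1/config' endpoint. The sample responses embedded below are constructed for illustration; feed the function the status, headers and body from whatever HTTP client you use.

```python
import json
from dataclasses import dataclass

# Endpoint named on the page; the check is applied to a response to GET on it.
CONFIG_ENDPOINT = "/api/v1/config"


@dataclass
class CheckResult:
    exposed: bool   # True when the page's criteria for unauthenticated access are all met
    reason: str     # human-readable explanation of the verdict


def _is_json_content_type(content_type: str) -> bool:
    # Accept "application/json" with or without parameters such as "; charset=utf-8".
    media_type = content_type.split(";", 1)[0].strip().lower()
    return media_type == "application/json"


def check_config_response(status: int, headers: dict, body: bytes) -> CheckResult:
    """Evaluate a response to GET /api/v1/config against the detection criteria."""
    if status != 200:
        return CheckResult(False, f"status {status} is not 200")
    ctype = next((v for k, v in headers.items() if k.lower() == "content-type"), "")
    if not _is_json_content_type(ctype):
        return CheckResult(False, f"content type {ctype!r} is not application/json")
    try:
        doc = json.loads(body)
    except ValueError:
        return CheckResult(False, "body is not valid JSON")
    if not isinstance(doc, dict):
        return CheckResult(False, "JSON body is not an object")
    if doc.get("mode") != "user":
        return CheckResult(False, f"mode is {doc.get('mode')!r}, not 'user'")
    if "PhotoPrism" not in body.decode("utf-8", "replace"):
        return CheckResult(False, "no PhotoPrism marker in body")
    return CheckResult(True, "user-mode configuration served without authentication")


# Constructed sample responses (not captured from a real instance).
EXPOSED = (200, {"Content-Type": "application/json; charset=utf-8"},
           b'{"mode":"user","name":"PhotoPrism","version":"example"}')
LOGIN_REQUIRED = (401, {"Content-Type": "application/json"}, b'{"error":"Unauthorized"}')

if __name__ == "__main__":
    for sample in (EXPOSED, LOGIN_REQUIRED):
        print(check_config_response(*sample))
```

A result with exposed=True means the instance matches the scanner's criteria and its access control should be reviewed.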
When exploited, this vulnerability can lead to unauthorized exposure of user data and photos within the PhotoPrism application. Attackers may gain access to photos, metadata, and user configurations, potentially causing privacy breaches. This exposure could also lead to data theft, including sensitive information captured in photos or associated metadata. Furthermore, attackers might alter or delete important image files, resulting in data loss for users. The presence of unauthorized access may allow attackers to manipulate system configuration settings. Ultimately, exploited vulnerabilities could compromise the integrity and confidentiality of data managed by PhotoPrism.