U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Hacking

Joomla Helpdesk Pro flaws leave systems vulnerable to several attacks

The Outpost24 team has identified several vulnerabilities that affect Joomla HelpDesk Pro extension, the flaws can lead to remote code execution on servers. Kasper Bertelsen, a security researcher at Outpost24 has discovered a number of vulnerabilities in the Joomla Helpdesk Pro extension which can lead to remote code execution on servers. The Helpdesk Pro Joomla extension is developed […]

Joomla Helpdesk Pro flaws leave systems vulnerable to several attacks

The Outpost24 team has identified several vulnerabilities that affect Joomla HelpDesk Pro extension, the flaws can lead to remote code execution on servers.

Kasper Bertelsen, a security researcher at Outpost24 has discovered a number of vulnerabilities in the Joomla Helpdesk Pro extension which can lead to remote code execution on servers.

The Helpdesk Pro Joomla extension is developed by Ossolution Team and implements a feature rich support ticket system for Joomla, one of the most popular CMS on the web.

The flaws uncovered by Bertelsen and his colleagues Simon Rawet, Kristian Varnai, and Gregor Mynarsky are quite common in web applications, the vulnerabilities include cross-site scripting, direct object references, SQL injection, local file injection, path traversal, and arbitrary file upload.

Joomla Helpdesk Pro

Below the code assigned to the vulnerabilities.
CVE-2015-4071 CVSS: 4.0 Direct Object References
CVE-2015-4072 CVSS: 6.5 Multiple XSS
CVE-2015-4073 CVSS: 7.8 SQL Injection
CVE-2015-4074 CVSS: 7.8 Local file disclosure/Path traversal
CVE-2015-4075 CVSS: 6.8 File Upload

As explained by the experts the flaws in the Joomla Helpdesk Pro extension leave the servers hosting the platform open to a number of cyber attacks.

“[The security issues] leave systems vulnerable to a wide variety of attack types, with effects ranging from disclosure of potentially sensitive information, to a complete server takeover with arbitrary code execution,” says . “All of these attacks have been shown to have the potential to cause serious harm, many of them with the very real possibility of a full compromise of the server, and even the most harmless attack disclosing sensitive information about users. “

According to the experts at Outpost24, the exploits work for Joomla HelpDesk Pro version 1.3.0, meanwhile no official tests have been done on early versions.

“All versions prior to 1.4.0, where the issues were finally patched, are suspected of being vulnerable.”

The experts described in detail the flaws reported, the local file disclosure hole, for example, could be exploited by hackers to access the configuration.php file that contains sensitive data like users’ credentials. The experts explained that the exploit works because an the service used to download and upload documents not properly restrict downloaded files.

“This information can give an attacker free access to the database, or even the ability to freely upload their own files to the server, where they could then be executed, giving them complete access to the server,” Bertelsen says.

Users are recommended to upgrade their software to the last version.

Pierluigi Paganini

(Security Affairs – Joomla Helpdesk Pro , hacking)