what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Barracuda WAF Authentication Bypass

Barracuda WAF Authentication Bypass
Posted Aug 4, 2014
Authored by Nick Hayes | Site portcullis-security.com

It is possible to re-use a link which includes a non-expiring authentication token in the query string to gain access to the interface of the Barracuda Web Application Firewall (WAF) firmware version 7.8.1.013.

tags | exploit, web, bypass
advisories | CVE-2014-2595
SHA-256 | 49b95080b97fed1ca7fc8d3aa3dfef41e6c259c643023705114b6de832727218

Barracuda WAF Authentication Bypass

Change Mirror Download
Vulnerability title: Authentication Bypass in Barracuda Web Application
Firewall
CVE: CVE-2014-2595
Vendor: Barracuda
Product: Web Application Firewall
Affected version: Firmware v7.8.1.013
Fixed version: N/A
Reported by: Nick Hayes

Details:

It is possible to re-use a link which includes a non-expiring
authentication token in the query string to gain access to the interface
of the Barracuda Web Application Firewall (WAF) firmware version 7.8.1.013.

Example:

http://waf.ptest.cudasvc.com/cgi-mod/index.cgi?auth_type=Local&et=99999999996locale=en_US&password=5a2fd48b65c5d80881eeb0f738bcc6dc&primary_tab=SECURITY%20POLICIES&secondary_tab=request_limits&user=guest

The above link opens up the Request Limit Policies on the Barracuda labs
WAF test host as the Guest user. This has been confirmed to work on
actual devices and with administrative accounts.


Further details at:
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2014-2595/


Copyright:
Copyright (c) Portcullis Computer Security Limited 2014, All rights
reserved worldwide. Permission is hereby granted for the electronic
redistribution of this information. It is not to be edited or altered in
any way without the express written consent of Portcullis Computer
Security Limited.

Disclaimer:
The information herein contained may change without notice. Use of this
information constitutes acceptance for use in an AS IS condition. There
are NO warranties, implied or otherwise, with regard to this information
or its use. Any use of this information is at the user's risk. In no
event shall the author/distributor (Portcullis Computer Security
Limited) be held liable for any damages whatsoever arising out of or in
connection with the use or spread of this information.


Login or Register to add favorites

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close