Main Vulnerability Database Exploits ID:8785 - Exploit for Improper Authorization in Apex One - CVE-2023-0587

ID:8785 - Exploit for Improper Authorization in Apex One - CVE-2023-0587

Published: February 1, 2023

Vulnerability identifier: #VU71738

Vulnerability risk: Medium

CVE-ID: CVE-2023-0587

CWE-ID: CWE-285

Exploitation vector: Remote access

Vulnerable software:
Apex One

Link to public exploit:

https://github.com/tenable/poc/blob/master/TrendMicro/tm_apex_one_fcgiOfcDDA_file_upload.py

Vulnerability description

The vulnerability allows a remote attacker to perform denial of service (DoS) attack.

The vulnerability exists due to missing authorization when processing file uploads at the " /officescan/console/html/cgi/fcgiOfcDDA.exe" URL. A remote non-authenticated attacker can send a specially crafted HTTP PUT request with a malformed Content-Length header, upload an arbitrary number of large files to the SampleSubmission directory (i.e., \\PCCSRV\\TEMP\\SampleSubmission) and consume all available disk space, causing a denial of service condition.

Remediation

Install updates from vendor's website.

ID:8785 - Exploit for Improper Authorization in Apex One - CVE-2023-0587

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human