Goby/json/Chanjet-unauthorized-access-and-admin-password-reset.json

{
  "Name": "Chanjet unauthorized access and admin password reset",
  "Description": "<p>Chanjet T+ is a management software that fully satisfies the needs of the integrated management of corporate finance and business.<br></p><p>There are security loopholes in Chanjet. Attackers do not authorize access to the interface, resulting in access to sensitive information such as path leakage, unauthorized modification of administrator passwords, and access to background permissions.<br></p>",
  "Product": "Chanjet",
  "Homepage": "https://www.chanjet.com/",
  "DisclosureDate": "2022-03-31",
  "Author": "abszse",
  "FofaQuery": "body=\"/tplus/\"",
  "GobyQuery": "body=\"/tplus/\"",
  "Level": "2",
  "Impact": "<p>There are security loopholes in Chanjet. Attackers do not authorize access to the interface, resulting in access to sensitive information such as path leakage, unauthorized modification of administrator passwords, and access to background permissions.<br></p>",
  "Recommendation": "<p>Set up whitelist access through security devices such as firewalls.</p><p>Follow the official website for updates: <a href=\"https://www.chanjet.com/\">https://www.chanjet.com/</a></p>",
  "References": [
    "https://fofa.so/"
  ],
  "Is0day": false,
  "HasExp": true,
  "ExpParams": [
    {
      "name": "cmd",
      "type": "select",
      "value": "Access,password reset",
      "show": ""
    }
  ],
  "ExpTips": {
    "Type": "",
    "Content": ""
  },
  "ScanSteps": [
    "AND",
    {
      "Request": {
        "method": "GET",
        "uri": "",
        "follow_redirect": false,
        "header": {},
        "data_type": "text",
        "data": ""
      },
      "ResponseTest": {
        "type": "group",
        "operation": "AND",
        "checks": [
          {
            "type": "item",
            "variable": "$code",
            "operation": "==",
            "value": "200",
            "bz": ""
          }
        ]
      },
      "SetVariable": []
    }
  ],
  "ExploitSteps": [
    "OR",
    {
      "Request": {
        "method": "GET",
        "uri": "",
        "follow_redirect": false,
        "header": {},
        "data_type": "text",
        "data": ""
      },
      "ResponseTest": {
        "type": "group",
        "operation": "AND",
        "checks": [
          {
            "type": "item",
            "variable": "$code",
            "operation": "==",
            "value": "",
            "bz": ""
          }
        ]
      },
      "SetVariable": []
    }
  ],
  "Tags": [
    "Unauthorized Access",
    "Remote Password Change"
  ],
  "VulType": [
    "Unauthorized Access",
    "Remote Password Change"
  ],
  "CVEIDs": [
    ""
  ],
  "CNNVD": [
    ""
  ],
  "CNVD": [
    ""
  ],
  "CVSSScore": "7.5",
  "Translation": {
    "CN": {
      "Name": "畅捷通未授权访问和任意密码修改漏洞",
      "Product": "畅捷通",
      "Description": "<p>畅捷通T+是一款全面满足企业财务业务一体化管理需求的管理软件。<br></p><p>畅捷通存在安全漏洞，攻击者未授权访问接口导致获取路径泄露等敏感信息以及未授权修改管理员密码，获取后台权限。<br></p>",
      "Recommendation": "<p>通过防火墙等安全设备设置白名单访问。</p><p>关注官网更新：<a href=\"https://www.chanjet.com/\">https://www.chanjet.com/</a></p>",
      "Impact": "<p>畅捷通存在安全漏洞，攻击者未授权访问接口导致获取路径泄露等敏感信息以及未授权修改管理员密码，获取后台权限。<br></p>",
      "VulType": [
        "远程密码修改",
        "未授权访问"
      ],
      "Tags": [
        "远程密码修改",
        "未授权访问"
      ]
    },
    "EN": {
      "Name": "Chanjet unauthorized access and admin password reset",
      "Product": "Chanjet",
      "Description": "<p>Chanjet T+ is a management software that fully satisfies the needs of the integrated management of corporate finance and business.<br></p><p>There are security loopholes in Chanjet. Attackers do not authorize access to the interface, resulting in access to sensitive information such as path leakage, unauthorized modification of administrator passwords, and access to background permissions.<br></p>",
      "Recommendation": "<p>Set up whitelist access through security devices such as firewalls.</p><p>Follow the official website for updates: <a href=\"https://www.chanjet.com/\">https://www.chanjet.com/</a></p>",
      "Impact": "<p>There are security loopholes in Chanjet. Attackers do not authorize access to the interface, resulting in access to sensitive information such as path leakage, unauthorized modification of administrator passwords, and access to background permissions.<br></p>",
      "VulType": [
        "Unauthorized Access",
        "Remote Password Change"
      ],
      "Tags": [
        "Unauthorized Access",
        "Remote Password Change"
      ]
    }
  },
  "AttackSurfaces": {
    "Application": null,
    "Support": null,
    "Service": null,
    "System": null,
    "Hardware": null
  }
}