Scientists have disclosed a previously undocumented regional file inclusion (LFI) vulnerability in Hashnode, a developer-oriented running a blog platform, that could be abused to access delicate info this kind of as SSH keys, server’s IP tackle, and other network information.
“The LFI originates in a Bulk Markdown Import element that can be manipulated to present attackers with unimpeded potential to obtain regional information from Hashnode’s server,” Akamai scientists mentioned in a report shared with The Hacker News.
Regional file inclusion flaws take place when a web application is tricked into exposing or jogging unapproved data files on a server, major to listing traversal, information disclosure, distant code execution, and cross-website scripting (XSS) attacks.
The flaw, caused thanks to the web application failing to adequately sanitize the route to a file that is passed as input, could have critical repercussions in that an assailant could navigate to any path on the server and obtain sensitive facts, which include the /and so on/passwd file that contains a checklist of consumers on the server.
Armed with this exploit, the scientists said they were being in a position to detect the IP tackle and the private secure shell (SSH) important affiliated with the server.
While the vulnerability has due to the fact been dealt with, the findings arrive as Akamai claimed it recorded extra than five billion LFI attacks involving September 1, 2021, and February 28, 2022, marking a 141% raise in excess of the past 6 months.
“LFI attacks are an attack vector that could cause major hurt to an firm, as a risk actor could acquire information and facts about the network for upcoming reconnaissance,” the scientists claimed.
Uncovered this article intriguing? Adhere to THN on Facebook, Twitter and LinkedIn to browse far more exclusive material we post.
Some pieces of this short article are sourced from: