CVE-2023-37755 PoC — i-doit 信任管理问题漏洞

Source

https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below

Associated Vulnerability

Title:i-doit 信任管理问题漏洞 (CVE-2023-37755)
Description:i-doit是i-doit公司的一个配置管理数据库软件。 i-doit pro和i-doit open存在安全漏洞，该漏洞源于默认管理员凭据存在安全漏洞。攻击者可利用该漏洞获取管理员权限，并执行任意代码或造成拒绝服务（DoS）。受影响的产品和版本：i-doit Pro 25及之前版本，i-Doit Open25及之前版本。

Readme

# CVE-2023-37755 - Hardcoded Admin Credential in i-doit Pro 25 and below


i-doit Pro 25 and below are vulnerable to Hardcoded admin credential vulnerability. These vulnerabilities could allows anyone to login as admin with just username “admin” and password “admin”.

Description of product: i-doit is a web based Open Source IT documentation and CMDB (Configuration Management Database) developed by synetics GmbH. i-doit Pro is the commercial version of the software and requires a paid license. It comes with additional features, professional support, and regular updates and enhancements. Users need to purchase a license to use i-doit Pro, and the cost varies based on the number of users and features required.


Description of vulnerability: We found that this web application has hardcoded admin credential that allows anyone login as admin with just username “admin” and password “admin”


Affected Webpage: main login page

Affected parameter & Component : main login page

Step 1 : there is no option for application owner to setup admin credential in initial setup page



![step1](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/f46da5bf-a065-437c-8ec8-37d07450c8fa)




![step2](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/23ea4887-9352-44d9-9fee-f993011546aa)




![step3](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/7aedf3bf-0dba-4774-b81c-99e525a09c40)



# this is account creation for admin-center, not for main login.


![step4_admin_center_setup](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/0cc9d996-688f-48dc-9470-e06839fcb8ab)


![step5](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/c19784b5-4796-4234-9855-9027c773921a)



![step6](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/37c5d391-0fbb-4aec-a954-a086e617da4e)



![step7](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/4e329ac5-426d-4a1f-97d3-87141f759303)


#admin-center is for application owner to manage license, upload plugins, manage tenant and etc.
![step8](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/f00d1a0e-2e8e-48ca-9960-36c76b4d9169)




![step9](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/11af76b3-cabb-473c-9568-25c941f8c1f8)



![step10](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/1279c605-dd6f-4213-a9a6-66c2e9c7cbd3)

File Snapshot


 [4.0K]  /data/pocs/74d59ff6cbf4e66e5f7622b612b2b037a0a2bdb3
└── [2.9K]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!