A recent application bug bounty investigation by Intruder’s team of ethical hackers has highlighted the dangers of critical vulnerabilities in applications, including the severity of CVE-2021-22204. This vulnerability and a newly discovered Self-XSS vulnerability together show the persistence that application security demands. As you know, cyber threats are always changing. To protect their data effectively, organizations need a better understanding of how these weaknesses are misused.
CVE-2021-22204 was reported as a flaw in ExifTool, a widely used command line tool that has had many high-CVSS critical vulnerabilities over its history. This development is deeply troubling, as it threatens the reliability of these popular, critical applications. Intruder’s findings emphasize that even minor weaknesses can escalate into major breaches, particularly when faced with advanced attackers looking to exploit these vulnerabilities.
The Discovery of Self-XSS Vulnerability
The analysis uncovered a Self-XSS vulnerability in one particular application. This specific vulnerability was especially alarming because it showed that attackers could leverage the application's unexpected handling of user-supplied HTTP request headers. By triggering a webhook request to an attacker’s web server, the application unknowingly provided an entryway for successful exploitation.
Intruder’s team identified that the attacker’s server responded with a 302 redirect to AWS’s metadata service. This redirection posed a significant risk. By simply altering one number and enumerating through thousands of values, an attacker could potentially download entire databases of sensitive information. The consequences of this finding reinforce the need for strong security controls to protect against exploitation.
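The redirect described above works because a webhook client that follows redirects automatically will happily fetch whatever Location the attacker's server hands back, including a link-local address such as the cloud metadata service. The following is an added example written for this page (not Intruder's code and not the affected application's): an outbound webhook sender that disables automatic redirects and re-validates every hop against loopback, private, link-local and other non-global ranges before requesting it. The transport and resolver are injectable, and the constructed fakes at the bottom (hostnames, addresses and responses are all made up for the demo) let it run offline.

```python
"""Redirect-aware SSRF guard for an outbound webhook client (added example)."""
import ipaddress
import socket
from urllib.parse import urlsplit, urljoin

MAX_REDIRECTS = 3


class UnsafeWebhookTarget(Exception):
    """Raised when a hop (initial URL or a redirect) points somewhere we must not call."""


def resolve_default(host):
    # Resolve every A/AAAA answer: an attacker-controlled name can mix public and
    # internal records, and any one of them is enough to reach the internal network.
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def target_is_safe(url, resolver=resolve_default):
    """True only if every address the host resolves to is a globally routable unicast address."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    host = parts.hostname
    try:
        addrs = [ipaddress.ip_address(host)]          # literal IP in the URL
    except ValueError:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
        except (socket.gaierror, ValueError):
            return False
    if not addrs:                                     # unresolvable name: refuse
        return False
    for addr in addrs:
        # Unwrap ::ffff:169.254.169.254 so the IPv4 checks apply to mapped addresses too.
        if addr.version == 6 and addr.ipv4_mapped is not None:
            addr = addr.ipv4_mapped
        # is_global is False for loopback, RFC1918, link-local (169.254/16, where the
        # cloud metadata endpoint lives), CGNAT, reserved and documentation ranges.
        if addr.is_multicast or not addr.is_global:
            return False
    return True


def deliver_webhook(url, fetch, resolver=resolve_default):
    """Deliver to url, following at most MAX_REDIRECTS hops by hand.

    fetch(url) -> (status, headers_dict, body) and must NOT follow redirects itself.
    Every Location is validated before it is requested. Note the remaining
    TOCTOU window: a rebinding DNS name can change between resolve and connect,
    so production clients should also pin the validated IP when opening the socket.
    """
    current, hops = url, 0
    while True:
        if not target_is_safe(current, resolver):
            raise UnsafeWebhookTarget(current)
        status, headers, body = fetch(current)
        if status in (301, 302, 303, 307, 308):
            hops += 1
            if hops > MAX_REDIRECTS:
                raise UnsafeWebhookTarget("too many redirects from %s" % url)
            location = headers.get("Location")
            if not location:
                raise UnsafeWebhookTarget("redirect without Location from %s" % current)
            current = urljoin(current, location)      # resolve relative Locations
            continue
        return status, body


# --- constructed fakes so the example runs offline (hypothetical names/addresses) ---
def fake_resolver(host):
    return {"hooks.example.test": ["93.184.216.34"]}.get(host, [])


def fake_fetch(url):
    # The attacker-style webhook endpoint answers with a 302 into the metadata range.
    if url == "https://hooks.example.test/hook":
        return 302, {"Location": "http://169.254.169.254/latest/meta-data/"}, b""
    return 200, {}, b"ok"


def demo():
    """Run both scenarios and report outcomes as plain values (used by the test)."""
    outcome = {}
    try:
        deliver_webhook("https://hooks.example.test/hook", fake_fetch, fake_resolver)
        outcome["metadata_hop_blocked"] = False
    except UnsafeWebhookTarget:
        outcome["metadata_hop_blocked"] = True
    outcome["direct_delivery"] = deliver_webhook(
        "https://hooks.example.test/ok", fake_fetch, fake_resolver)
    outcome["mapped_v6_blocked"] = not target_is_safe(
        "http://[::ffff:169.254.169.254]/", fake_resolver)
    return outcome


if __name__ == "__main__":
    print(demo())
```

The important design point is that the check runs on the resolved addresses of each hop rather than on the registered URL once: the registered hostname can be perfectly public and still bounce the client into 169.254.169.254 on the second request, which is exactly the path Intruder's team observed.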
Chaining Vulnerabilities for Greater Impact
What makes this case especially troubling is the intersection of two vulnerabilities. Combined with each other, they created a site-wide persistent XSS attack. This is where the attackers duped the application into caching a Self-XSS payload. The application then served that cached payload to all of its visitors, multiplying the vulnerability’s effect tremendously.
This tactic serves as a good example of how interrelated flaws can be leveraged to increase the impact of an attack. Intruder’s recent findings should serve as a further reminder for every organization to regularly undertake security assessments. They need to take robust action to discover and fix vulnerabilities before an attacker can exploit them.
Intruder’s Role in Application Security
Intruder gives you a powerful platform built to find and fix weaknesses in your applications and cloud infrastructure before the bad guys do. They dive deep into vulnerabilities like CVE-2021-22204 and the recently reported Self-XSS. This makes sure that emerging threats are addressed in a timely, efficient manner.
A unique aspect of Intruder’s platform is its Discovery tab. This allows users to quickly identify what assets they have and where vulnerabilities may already exist within their systems. Organizations can see what Intruder can do with a free 14-day trial. This empowers them to shore up their security posture risk-free and at no upfront cost.