Remote File Inclusion Vulnerability in Offensive Security’s Zendesk

Remote File Inclusion Vulnerability in Offensive Security’s Zendesk

Severity: Critical

Summary:
During a security assessment of Offsec’s Zendesk platform, a critical remote file inclusion vulnerability was discovered. This vulnerability allows an attacker to include arbitrary files from the server, potentially leading to unauthorized access and sensitive information disclosure.

Description:
By manipulating the URL parameter, an attacker can exploit the remote file inclusion vulnerability in Offsec’s Zendesk platform. Specifically, by accessing the following URL: “help.offsec.com/attachments/token/zWOMtkG8Ufht5COFWQDekA2xO/?name=config.json”, an attacker can trigger the download of the “config.json” file.

Impact:
This vulnerability poses a significant risk as it enables an attacker to retrieve sensitive configuration files from the server. The exposed information could include database credentials, API keys, and other sensitive data, potentially leading to further compromise of the system and unauthorized access to user information.

Recommendation:
Offsec’s security team is advised to promptly address this vulnerability by implementing proper input validation and sanitization mechanisms. Additionally, access controls should be enforced to prevent unauthorized access to sensitive files. Regular security assessments and code reviews are recommended to identify and mitigate similar vulnerabilities in the future.