Servisnet Tessa Privilege Escalation

Discussion in 'News Aggregator' started by Packet Storm, 5 Feb 2022.

  1. Packet Storm

    Packet Storm Guest

    This Metasploit module exploits privilege escalation in Servisnet Tessa triggered by the add new sysadmin user flow with any user authorization. An API request to "/data-service/users/[userid]" with any low-authority user returns other users' information in response. The encrypted password information is included here, but privilege escalation is also possible with the active sessionid value.

    Continue reading...
     

Share This Page

Loading...