Key Vulnerability Information

Vulnerability Title: warehouseManager <= 1.0 - Authentication Bypass Vulnerability Leads to Unauthorized Access to Sensitive Interfaces

Vulnerability Type: Authentication Bypass

Vulnerability Description:
- The warehouseManager system has an authentication bypass vulnerability. Attackers can bypass the authentication system to make unauthorized queries to relevant sensitive interfaces.
- The system has incorrect permission configurations for some public interfaces, such as those under , , , and . When requests to these public paths are constructed using (or by concatenating) special characters like or , it is possible to bypass the authentication for other interfaces.

Technical Details and Proof of Concept (PoC):
- After building the project according to the project description document, use Burp to capture packets and splice misconfigured interfaces with interfaces that need to be authenticated.
- There is no cookie in the request packet, but the response packet still contains the interface query information.
- PoC Code/HTTP Request Example:

Impact:
- An attacker could gain unauthorized access to sensitive information, modify data, delete data, perform unauthorized actions, escalate privileges, or even completely take over the system.

CVSS Score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N (8.2 High)

Mitigation / Recommended Fixes:
1. Enforce Strict Authentication and Authorization
2. Path Normalization and Input Sanitization
3. Correct Public Interface Permissions
4. Use Secure Framework Defaults
5. Principle of Least Privilege

Reference Link: https://qitee.com/yangshare/warehouseManager
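
The following is an added example, not code from the warehouseManager project or the advisory: a sketch of mitigation items 2 and 3, showing a prefix-only public-path check beside one that canonicalizes the path first and fails closed. The advisory does not name the public paths or the special characters, so the prefixes, the rejected character classes and the sample paths are assumptions, and Python is used only for illustration.

```python
import re
from urllib.parse import unquote

# Hypothetical public prefixes; the advisory does not list the real ones.
PUBLIC_PREFIXES = ("/public/", "/static/")


class AmbiguousPath(ValueError):
    """Raised when a path has more than one plausible interpretation."""


def canonical_path(raw_path: str) -> str:
    """Return the decoded path, or raise if a router could read it differently."""
    path = raw_path.split("?", 1)[0]
    # Decode until stable so nested percent-encoding cannot hide a separator.
    for _ in range(3):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    else:
        raise AmbiguousPath("nested percent-encoding")
    # Assumed character classes: path parameters, backslashes, control chars.
    if not path.startswith("/") or re.search(r"[;\\\x00-\x1f]", path):
        raise AmbiguousPath("path parameter, backslash or control character")
    segments = path.split("/")[1:]
    # A trailing slash (empty last segment) is allowed; nothing else empty is.
    if any(s in ("", ".", "..") for s in segments[:-1]) or segments[-1] in (".", ".."):
        raise AmbiguousPath("empty or dot segment")
    return path


def naive_is_public(raw_path: str) -> bool:
    """Weak form: matches the raw string, so a public prefix is enough."""
    return raw_path.startswith(PUBLIC_PREFIXES)


def is_public(raw_path: str) -> bool:
    """Hardened form: decide on the canonical path and fail closed."""
    try:
        path = canonical_path(raw_path)
    except AmbiguousPath:
        return False  # treated as protected; a 400 response is also reasonable
    return path.startswith(PUBLIC_PREFIXES)
```

The authorization filter and the router must both act on the value returned by `canonical_path`; if the router re-parses the raw request line, the check and the dispatch can still disagree.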