
CVE-2023-37755 PoC: i-doit Trust Management Issue Vulnerability

Associated Vulnerability
Title: i-doit Trust Management Issue Vulnerability (CVE-2023-37755)
Description: i-doit pro 25 and below and i-doit open 25 and below are configured with insecure default administrator credentials, and there is no warning or prompt asking users to change the default password and account name. Unauthenticated attackers can exploit this vulnerability to obtain Administrator privileges, allowing them to perform arbitrary system operations or cause a Denial of Service (DoS).
Readme
# CVE-2023-37755 - Hardcoded Admin Credential in i-doit Pro 25 and below


i-doit Pro 25 and below ship with a hardcoded administrator credential. This allows anyone to log in as admin with just the username "admin" and password "admin".

Description of product: i-doit is a web-based open source IT documentation and CMDB (Configuration Management Database) tool developed by synetics GmbH. i-doit Pro is the commercial version of the software and requires a paid license. It comes with additional features, professional support, and regular updates and enhancements. Users need to purchase a license to use i-doit Pro, and the cost varies with the number of users and the features required.


Description of vulnerability: We found that this web application has a hardcoded admin credential that allows anyone to log in as admin with just the username "admin" and password "admin".


Affected webpage: main login page

Affected parameter & component: main login page

Step 1: the initial setup page gives the application owner no option to set the admin credential for the main login.



![step1](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/f46da5bf-a065-437c-8ec8-37d07450c8fa)




![step2](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/23ea4887-9352-44d9-9fee-f993011546aa)




![step3](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/7aedf3bf-0dba-4774-b81c-99e525a09c40)



Note: the account created here is for the admin-center, not for the main login.


![step4_admin_center_setup](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/0cc9d996-688f-48dc-9470-e06839fcb8ab)


![step5](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/c19784b5-4796-4234-9855-9027c773921a)



![step6](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/37c5d391-0fbb-4aec-a954-a086e617da4e)



![step7](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/4e329ac5-426d-4a1f-97d3-87141f759303)


Note: the admin-center is where the application owner manages licenses, uploads plugins, manages tenants, etc.
![step8](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/f00d1a0e-2e8e-48ca-9960-36c76b4d9169)




![step9](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/11af76b3-cabb-473c-9568-25c941f8c1f8)



![step10](https://github.com/leekenghwa/CVE-2023-37755---Hardcoded-Admin-Credential-in-i-doit-Pro-25-and-below/assets/45155253/1279c605-dd6f-4213-a9a6-66c2e9c7cbd3)
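The control this advisory describes as missing is a first-run step that forces the operator to set a non-default administrator account, plus a way to detect installs that were left with the default. The following is an added example written for this page, not i-doit's own code or part of the PoC: it models a hypothetical user store (`UserStore`), a setup handler (`complete_initial_setup`) that refuses the "admin"/"admin" pair and weak passwords, and an audit (`audit_default_credentials`) that flags any account whose stored hash still verifies against a known default. All names and the in-memory store are assumptions made for the example; real i-doit keeps accounts in its database.

```python
"""Added example (not i-doit's own code): a minimal model of the missing
control behind CVE-2023-37755.

  1. complete_initial_setup: a first-run step that will not finish until
     the operator sets a non-default administrator account.
  2. audit_default_credentials: a startup/scheduled check that flags any
     account still verifying against a known default password, so an
     already-deployed instance can be found and remediated.

UserStore, the function names and the in-memory table are hypothetical.
"""
import hashlib
import hmac
import os

# Constructed list of (username, password) pairs a fresh install must not
# be left with; "admin"/"admin" is the pair the advisory names.
KNOWN_DEFAULT_CREDENTIALS = {("admin", "admin")}

# Kept low so the example runs quickly; production deployments should use
# a considerably higher PBKDF2 iteration count.
PBKDF2_ITERATIONS = 100_000
MIN_PASSWORD_LENGTH = 12


def hash_password(password: str, salt: bytes = b"") -> tuple:
    """Salted PBKDF2-HMAC-SHA256. Returns (salt, digest)."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return salt, digest


def verify_password(password: str, salt: bytes, digest: bytes) -> bool:
    """Constant-time comparison of a candidate password against a stored hash."""
    _, candidate = hash_password(password, salt)
    return hmac.compare_digest(candidate, digest)


class UserStore:
    """Hypothetical in-memory account table: username -> (salt, digest)."""

    def __init__(self) -> None:
        self.users = {}
        self.setup_complete = False

    def add_user(self, username: str, password: str) -> None:
        self.users[username] = hash_password(password)


def seed_vulnerable_defaults(store: UserStore) -> None:
    """Reproduces the insecure default state the advisory describes: an
    'admin'/'admin' account pre-created, and setup marked complete without
    ever prompting the operator to change it."""
    store.add_user("admin", "admin")
    store.setup_complete = True


def complete_initial_setup(store: UserStore, username: str, password: str) -> bool:
    """Hardened first-run step. Rejects any known default pair and short
    passwords; returns True on success, False with the store unchanged."""
    if (username, password) in KNOWN_DEFAULT_CREDENTIALS:
        return False
    if len(password) < MIN_PASSWORD_LENGTH:
        return False
    store.add_user(username, password)
    store.setup_complete = True
    return True


def audit_default_credentials(store: UserStore) -> list:
    """Returns the usernames whose stored hash still verifies against a
    known default password. Intended for startup or a scheduled job."""
    flagged = []
    for username, default_pw in KNOWN_DEFAULT_CREDENTIALS:
        if username in store.users:
            salt, digest = store.users[username]
            if verify_password(default_pw, salt, digest):
                flagged.append(username)
    return sorted(flagged)


if __name__ == "__main__":
    vulnerable = UserStore()
    seed_vulnerable_defaults(vulnerable)
    print("default accounts still active:", audit_default_credentials(vulnerable))

    hardened = UserStore()
    print("setup with admin/admin accepted:", complete_initial_setup(hardened, "admin", "admin"))
    print("setup with a real credential accepted:",
          complete_initial_setup(hardened, "ops-admin", "correct horse battery staple"))
    print("default accounts still active:", audit_default_credentials(hardened))
```

The audit checks the stored hash rather than comparing plaintext, so it works against a database that already exists and never needs the default password in the clear beyond the known-defaults list; the setup handler refuses to mark installation complete until a non-default credential has actually been written.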

File Snapshot

```
[4.0K] /data/pocs/74d59ff6cbf4e66e5f7622b612b2b037a0a2bdb3
└── [2.9K] README.md

0 directories, 1 file
```