Articles Vulnerability in Cloudflare CDN puts almost 13% of sites...

Vulnerability in Cloudflare CDN puts almost 13% of sites on the Internet at risk of being hacked

-

The issue affects CDNJS, a content delivery network designed to accelerate the delivery of JavaScript libraries.

The company Cloudflare, which provides CDN services, has fixed a dangerous vulnerability that threatened to compromise about 12.7% of all sites on the Internet.

According to cybersecurity researcher RyotaK, the problem affects CDNJS, a content delivery network designed to accelerate the delivery of JavaScript libraries, and the vulnerability itself lies in the possibility of replacing JavaScript libraries served by websites and executing arbitrary code on CDN servers.

While analyzing cdnjs.com, the researcher noticed that users can request libraries that are not yet in CDNJS. In addition, it turned out that cdnjs / bot-ansible and cdnjs / tools contain auto-updating scripts to ensure that library updates are automatically downloaded.

CDNJS downloads packages from Git or an NPM repository, and allows any site to take advantage of the Cloudflare content delivery network for free to speed up the loading of JavaScript libraries. At the same time, to unpack NPM packages in tgz archives, the archive / tar module in the Go language is used, which produces a list of files without path normalization.

As part of the experiment, RyotaK published a test library called hey-sven in CDNJS and added new versions of hey-sven to the NPM repository. In one of the versions, the researcher injected hidden in ZIP / TGZ archives Bash scripts that exploit the directory traversal vulnerability (Path Traversal).

Moreover, the EA was able to inject GITHUB_REPO_API_KEY (an API key that grants write permissions) and WORKERS_KV_API_TOKEN (can be used to modify libraries in the Cloudflare Workers cache) into scripts issued by the CDN (cdnjs.cloudflare.com).

“By combining these permissions, it is possible to modify a key part of CDNJS, such as CDNJS origin data, KV cache, and even the CDNJS website,” the researcher explained.

RyotaK informed Cloudflare of an issue under the HackerOne Platform Vulnerability Disclosure Program in April this year, and it was fixed within 24 hours.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you