Vulnerability Note VU#294272
ReadyDesk contains multiple vulnerabilities
ReadyDesk, version 9.1 and possibly others, contains SQL injection, path traversal, hard-coded cryptographic key, and arbitrary file upload vulnerabilities that may be leveraged to expose sensitive data and execute arbitrary code in the context of the vulnerable software.
ReadyDesk is a help desk ticketing web application designed to facilitate business internal or business to customer interactions.
CWE-89: Improper Neutralization of Special Elements used in a SQL Command ('SQL Injection') - CVE-2016-5048
A remote, unauthenticated attacker can obtain sensitive database information, read arbitrary files, and execute arbitrary code in the context of the vulnerable software.
The CERT/CC is currently unaware of a practical solution to these problems. A vendor advisory for version 9.2 states that it contains "Critical Security Updates," though details are not provided and it is unknown whether any of the vulnerabilities described above are addressed.
Vendor Information (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|ReadyDesk||Affected||20 Jun 2016||09 Aug 2016|
CVSS Metrics (Learn More)
Thanks to Andrew Tierney of Pen Test Partners for reporting these vulnerabilities.
This document was written by Joel Land.
- CVE IDs: CVE-2016-5048 CVE-2016-5049 CVE-2016-5683 CVE-2016-5050
- Date Public: 16 Aug 2016
- Date First Published: 16 Aug 2016
- Date Last Updated: 16 Aug 2016
- Document Revision: 21
If you have feedback, comments, or additional information about this vulnerability, please send us email.