Paxton Net2 API License Bypass
Published 2024-10-21 (source: https://packetstormsecurity.com/files/182292/paxtonnet2-bypass.txt)

CloudAware Security Advisory

CVE-2024-48939: Unauthorized enabling of API in Paxton Net2 software

========================================================================
Summary
========================================================================
Bypass of the Paxton Net2 API license. Possible leaking of PII and access to
admin functionality.
No physical access to the computer running Paxton Net2 is required.

========================================================================
Product
========================================================================
* Paxton Net2 (version < 6.07.14023.5015 (SR4))

========================================================================
Detailed description
========================================================================
Paxton Net2 software offers an API. This API gives the user access to
sensitive data such as access logs and other user data [2]. In order to
enable the API, a license file is needed. The license file is trivial to
generate, as demonstrated by the POC in ref [1]. This is possible because
the signature checks in the Net2 software were not functional for the
license file.
In addition to the license file, user credentials are needed to
authenticate against the API.
The vendor has fixed this in version 6.07.14023.5015 (SR4) of the Net2
software.

========================================================================
Solution
========================================================================
Upgrade Paxton Net2 to version 6.07.14023.5015 (SR4).

========================================================================
Mitigation
========================================================================
1) If an upgrade is not an option: since 'anyone' can create valid license
files, ensure that the filesystem of computers running Paxton Net2 is not
reachable by unauthorised entities.
2) Evaluate the impact of the disclosure of any configurations rolled
out prior to these mitigation steps.

========================================================================
Weblinks
========================================================================
[1] https://github.com/gitaware/poc_exploit_paxton_license
[2] https://www.paxton-access.com/integrating-with-paxton/how-to-integrate-with-net2/integration-capability-matrix/

========================================================================
History
========================================================================
Feb 26, 2024: Paxton informed about working POC
Feb 29, 2024: Paxton confirms working POC
<Sept 2024: Paxton releases software update to fix issue
Oct 10, 2024: CVE-2024-48939 issued