Critical Vulnerability In ISPsystem Software Could Allow Web Session Hijacking

A critical security vulnerability in ISPsystem software put nearly 10,000 installations at risk. Exploiting the vulnerability could allow an attacker to hijack a web session of another logged-in user. The vulnerability allegedly affected all ISPsystem products.

Critical ISPsystem Software Vulnerability Discovered

The Check Point Research team have discovered a critical security vulnerability in ISPsystem software. As per their findings, the vulnerability could allow an attacker to hijack a web session of logged-in users. This could subsequently allow the attacker to compromise websites and virtual machines, and pilfer data.

Stating about their discovery in their blog post, they explained that the vulnerability threatened the integrity of all ISPsystem products including ISPmanager, DCImanager, VMmanager, BILLmanager, IPmanager, COREmanager, and DNSmanager.

As elaborated in their post, the server used to set a session cookie for an authenticated user. A potential attacker could hijack a logged-in web session by picking up the correct 6-byte HEX encoded string value of the cookie via a session cookie generator algorithm.

The researchers have given a quick demonstration in the following video.

ISPsystem Fixed The Bug

Upon finding the vulnerability in the ISPsystem software, researchers quickly notified the officials regarding the matter. They confirm that ISPsystem support quickly responded to their report and fixed the bug.

So, the vulnerability that affected roughly 11,000 ISPsystem installations has been patched with the software version 5.178.2. While the vendors already released the fix in November 2018, anyone running the software versions older than 5.178.2 must ensure updating to the higher versions to stay protected from possible cyber threats.

ISPsystem is a comprehensive user-friendly software offering various functionalities. It facilitates in managing websites and web-server, VPS (virtual private servers), dedicated servers, billing and payment services. As stated on their website, ISPsystem has its clients in around 150 countries. Some of the popular hosting providers using their products include King Servers, 1Cloud, and Ru-Center.

Take your time to comment on this article.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients