Vulnerability Details : CVE-2023-26494
lorawan-stack is an open source LoRaWAN network server. Prior to version 3.24.1, the login page of the lorawan-stack server contains an open redirect: the page honours a user-controlled redirect target when signing in, so an attacker can craft a login link that sends the user to an arbitrary external site after authentication. This can be used to phish users, who expect to land on the homepage after logging in. Version 3.24.1 contains a fix.
Vulnerability category: Open redirect
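The pattern behind this class of bug, as an added example that is not lorawan-stack's code and not the project's actual fix (the real patch is the commit "account: Prevent open redirects after login" referenced below): a login page reads a post-login target from the query string and follows it. The parameter name `next`, the function names and the origin `https://console.example` are assumptions for illustration. The hardened variant only accepts a single-slash absolute path and re-checks the resolved origin, which rejects `https://evil.example`, protocol-relative `//evil.example`, backslash tricks such as `/\evil.example`, and `javascript:` URLs.

```javascript
// Added example, not lorawan-stack's own code. The query parameter
// "next", the helper names and the application origin are assumed.

// Vulnerable pattern: whatever the query string says, the client follows it.
// 'https://evil.example' comes back unchanged and the browser is sent there.
function vulnerableRedirectTarget(query) {
  const params = new URLSearchParams(query);
  return params.get('next') || '/';
}

// Hardened pattern: only accept a path relative to our own origin.
// Anything that is not a plain absolute path, or that resolves to a
// different origin, falls back to the homepage.
function safeRedirectTarget(query, appOrigin) {
  const params = new URLSearchParams(query);
  const candidate = params.get('next') || '/';

  // Must start with exactly one '/' that is not followed by '/' or '\'.
  // This rejects 'https://...', 'javascript:...', '//host' and '/\host'
  // (the WHATWG URL parser treats '\' like '/' for http(s) URLs).
  if (!/^\/(?![\/\\])/.test(candidate)) {
    return '/';
  }

  let resolved;
  try {
    resolved = new URL(candidate, appOrigin);
  } catch (e) {
    return '/';
  }

  // Belt and braces: the resolved URL must still be on our origin.
  if (resolved.origin !== appOrigin) {
    return '/';
  }

  // Return only the same-origin path, query and fragment.
  return resolved.pathname + resolved.search + resolved.hash;
}
```

Resolving the candidate against the application's origin and comparing `origin` afterwards catches parser quirks that a string prefix check alone would miss; the regex in front of it keeps obviously hostile inputs from reaching the parser at all.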
Products affected by CVE-2023-26494
- cpe:2.3:a:thethingsnetwork:lorawan-stack:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-26494
EPSS score: 0.18% (probability of exploitation activity in the next 30 days)
EPSS percentile: ~56% (proportion of vulnerabilities scored at or below this value)
CVSS scores for CVE-2023-26494
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
| 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | NIST | |
| 6.1 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | 2.8 | 2.7 | GitHub, Inc. | |
CWE ids for CVE-2023-26494
- The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. Assigned by: security-advisories@github.com (Primary)
References for CVE-2023-26494
- https://securitylab.github.com/advisories/GHSL-2022-138_lorawan-stack/ : GHSL-2022-138: open redirect in lorawan stack - CVE-2023-26494 | GitHub Security Lab [Exploit; Third Party Advisory]
- https://github.com/TheThingsNetwork/lorawan-stack/blob/ecdef730f176c02f7c9afce98b0457ae64de5bfc/pkg/webui/account/views/login/index.js#L90-L90 : lorawan-stack/index.js at ecdef730f176c02f7c9afce98b0457ae64de5bfc · TheThingsNetwork/lorawan-stack · GitHub [Product]
- https://github.com/TheThingsNetwork/lorawan-stack/releases/tag/v3.24.1 : Release v3.24.1 · TheThingsNetwork/lorawan-stack · GitHub [Release Notes]
- https://github.com/TheThingsNetwork/lorawan-stack/commit/f06776028bdb3994847fc6067613dc61a2b3559e : account: Prevent open redirects after login · TheThingsNetwork/lorawan-stack@f067760 · GitHub [Patch]
- https://github.com/TheThingsNetwork/lorawan-stack/blob/ecdef730f176c02f7c9afce98b0457ae64de5bfc/pkg/webui/account/views/token-login/index.js#L74-L74 : lorawan-stack/index.js at ecdef730f176c02f7c9afce98b0457ae64de5bfc · TheThingsNetwork/lorawan-stack · GitHub [Product]