Security News > 2020 > July > Apache Guacamole Vulnerabilities Facilitate Attacks on Enterprises
Remote code execution and information disclosure vulnerabilities addressed in Apache Guacamole can be highly useful to threat actors targeting enterprises, Check Point security researchers warn.
An open-source remote desktop gateway, Apache Guacamole is an HTML5 web application that can be used on a broad range of devices, straight from the web browser.
Based on the previous discovery of vulnerabilities in FreeRDP, the security researchers identified two issues in Apache Guacamole iterations that do not implement the available patches for FreeRDP. They also devised an attack that could essentially provide remote code execution capabilities.
"Using Apache Guacamole as our example target, we were able to successfully demonstrate how a compromised computer inside the organization can be used to take control of the gateway that handles all of the remote sessions into the network. Once in control of the gateway, an attacker can eavesdrop on all incoming sessions, record all the credentials used, and even start new sessions to control the rest of the computers within the organization," Check Point notes.
The vulnerabilities were reported to Apache on March 31, silent patches were pushed in early May, and final patches were released on June 28, in Guacamole version 1.2.0.