Security News > 2023 > July > Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers.
"The acquired admin privileges can further be leveraged to exploit another vulnerability allowing attackers to execute arbitrary code on the Apache OpenMeetings server."
Meeting invites created using OpenMeetings come are not only bound to a specific room and a user but also come with a unique hash that's used by the application to retrieve details associated with the invitation.
The first two flaws, in a nutshell, have to do with a weak hash comparison between the user-supplied hash and what's present in the database and a quirk that allows for the creation of a room invitation without a room assigned to it, leading to a scenario where an invitation exists with no room attached to it.
"Although the room is also deleted when its associated event is deleted, the presence of the attacker in the room makes this a zombie room," Schiller explained.
In other words, the zombie room could allow the attacker to acquire admin privileges and make modifications to the OpenMeetings instance, including adding and removing users and groups, changing room settings, and terminating sessions of connected users.
News URL
https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html
Related news
- SAP fixes critical vulnerabilities in NetWeaver application servers (source)
- Critical vulnerabilities remain unresolved due to prioritization gaps (source)
- Critical SimpleHelp vulnerabilities fixed, update your server instances! (source)
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)