CVE-2024-1666

{"id": "CVE-2024-1666", "cveTags": [], "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "security@huntr.dev", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2024-04-16T00:15:10.330", "references": [{"url": "https://github.com/lunary-ai/lunary/commit/c57cd50fa0477fd2a2efe60810c0099eebd66f54", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "security@huntr.dev"}, {"url": "https://huntr.com/bounties/0f310501-b5b0-4be0-ae38-d6b836f71ff0", "tags": ["Patch"], "source": "security@huntr.dev"}, {"url": "https://github.com/lunary-ai/lunary/commit/c57cd50fa0477fd2a2efe60810c0099eebd66f54", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://huntr.com/bounties/0f310501-b5b0-4be0-ae38-d6b836f71ff0", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security@huntr.dev", "description": [{"lang": "en", "value": "CWE-770"}]}], "descriptions": [{"lang": "en", "value": "In lunary-ai/lunary version 1.0.0, an authorization flaw exists that allows unauthorized radar creation. The vulnerability stems from the lack of server-side checks to verify if a user is on a free account during the radar creation process, which is only enforced in the web UI. As a result, attackers can bypass the intended account upgrade requirement by directly sending crafted requests to the server, enabling the creation of an unlimited number of radars without payment."}, {"lang": "es", "value": "En lunary-ai/lunary versi\u00f3n 1.0.0, existe una falla de autorizaci\u00f3n que permite la creaci\u00f3n de radares no autorizados. La vulnerabilidad surge de la falta de comprobaciones del lado del servidor para verificar si un usuario tiene una cuenta gratuita durante el proceso de creaci\u00f3n del radar, que s\u00f3lo se aplica en la interfaz de usuario web. Como resultado, los atacantes pueden eludir el requisito de actualizaci\u00f3n de cuenta previsto enviando directamente solicitudes manipuladas al servidor, lo que permite la creaci\u00f3n de una cantidad ilimitada de radares sin pago."}], "lastModified": "2025-01-10T14:34:01.473", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:lunary:lunary:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6989773-CA2D-46FD-AEA6-E6D6F2C01B17", "versionEndExcluding": "1.2.7"}], "operator": "OR"}]}], "sourceIdentifier": "security@huntr.dev"}