![Apple Releases iOS 18.4 RC 2 and iPadOS 18.4 RC 2 to Developers [Download]](https://www.iclarified.com/images/news/96860/96860/96860-640.jpg)
![Amazon Drops Renewed iPhone 15 Pro Max to $762 [Big Spring Deal]](https://www.iclarified.com/images/news/96858/96858/96858-640.jpg)
![[The AI Show Episode 141]: Road to AGI (and Beyond) #1 — The AI Timeline is Accelerating](https://www.marketingaiinstitute.com/hubfs/ep%20141.1.png)
![[The AI Show Episode 140]: New AGI Warnings, OpenAI Suggests Government Policy, Sam Altman Teases Creative Writing Model, Claude Web Search & Apple’s AI Woes](https://www.marketingaiinstitute.com/hubfs/ep%20140%20cover.png)
![[The AI Show Episode 139]: The Government Knows AGI Is Coming, Superintelligence Strategy, OpenAI’s $20,000 Per Month Agents & Top 100 Gen AI Apps](https://www.marketingaiinstitute.com/hubfs/ep%20139%20cover-2.png)
![Reduce sin(2 * pi * n) [closed]](https://cdn.sstatic.net/Sites/softwareengineering/Img/apple-touch-icon@2.png?v=1ef7363febba)
![From broke musician to working dev. How college drop-out Ryan Furrer taught himself to code [Podcast #166]](https://cdn.hashnode.com/res/hashnode/image/upload/v1743189826063/2080cde4-6fc0-46fb-b98d-b3d59841e8c4.png?#)
.jpg?#)
.png?#)
Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code
Security researchers have uncovered multiple critical vulnerabilities in Appsmith, a popular open-source developer platform for building internal applications. Most concerning is CVE-2024-55963, which allows unauthenticated attackers to execute arbitrary system commands on servers running default installations of Appsmith versions 1.20 through 1.51. CVE-2024-55963 – Remote Code Execution as PostgreSQL user Appsmith, which helps organizations build […] The post Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.
Security researchers have uncovered multiple critical vulnerabilities in Appsmith, a popular open-source developer platform for building internal applications.
Most concerning is CVE-2024-55963, which allows unauthenticated attackers to execute arbitrary system commands on servers running default installations of Appsmith versions 1.20 through 1.51.
CVE-2024-55963 – Remote Code Execution as PostgreSQL user
Appsmith, which helps organizations build dashboards, admin panels, and customer support tools, ships with a local PostgreSQL database intended for practice and learning purposes.
Rhino Security Labs discovered this database was critically misconfigured in its default installation.
The PostgreSQL authentication configuration file (pg_hba.conf) contained settings that allowed any local user to connect as any PostgreSQL user without requiring a password.
The vulnerability became exploitable because Appsmith’s default configuration allows new user signups. An attacker could register an account, create a workspace, add a new application, and then connect to the misconfigured local PostgreSQL database.
Stop attacks before they start, powered by a 97% precise neural Network to Detect Cyber Attacks
Once connected, the attacker could leverage PostgreSQL’s COPY FROM PROGRAM function to execute arbitrary system commands with the privileges of the PostgreSQL user.
Technical Exploitation Path
The proof-of-concept exploit demonstrated by researchers used the following SQL commands:
This simple sequence allowed attackers to create a temporary table, execute the Unix ‘cat’ command to read system files, retrieve the results, and remove evidence by dropping the table.
The security audit also revealed two other significant vulnerabilities:
CVE-2024-55964: An Insecure Direct Object Reference vulnerability allowed users with minimal “App Viewer” permissions to access SQL databases by exploiting predictable datasource IDs and the “/api/v1/datasources/[datasource-id]/schema-preview” API endpoint.
CVE-2024-55965: A Denial of Service vulnerability enabled users with limited permissions to repeatedly trigger application restarts via a broken access control in the restart API functionality.
Vulnerability Impact
The combination of these vulnerabilities created a significant security risk for organizations using Appsmith.
The most severe issue, CVE-2024-55963, essentially provided a path for complete system compromise from an unauthenticated position. Any attacker who discovered an organization’s Appsmith installation could potentially:
- Register a user account
- Create a workspace and application
- Connect to the local PostgreSQL database
- Execute arbitrary system commands
- Gain persistent access to the underlying serve
Appsmith has collaborated with Rhino Security Labs to address all three vulnerabilities:
CVE-2024-55963 (Remote Code Execution): Patched in version 1.52 with PR #37068, which hardened the PostgreSQL configuration and implemented password-based authentication for the internal database.
CVE-2024-55964 (IDOR): This was fixed in version 1.49 with PR #37308, adding proper role-based access controls to the vulnerable API endpoint.
CVE-2024-55965 (Denial of Service): Resolved in version 1.48 with PR #37227, implementing proper access control checks for the restart functionality.
Organizations running Appsmith instances should immediately upgrade to version 1.52 or later to protect against all identified vulnerabilities.
The security researchers have published detailed technical analyses and detection tools, including Nuclei templates for scanning vulnerable instances.
Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free
The post Appsmith Developer Tool Vulnerability Let Attackers Execute Remote Code appeared first on Cyber Security News.
