Kaiten, a workflow management system, is vulnerable to unrestricted brute force attacks on user logins and e-mail addresses registered in the system via a simple POST request.
Discovered by Tom Hunter
Links:
Simply download the bash script and run it with custom wordlists (logins only, not e-mails!):
bash CVE-2024-39211.sh <input.domain.ru> <wordlists_users>
Result:
Companies often use login policies based on combinations of first and last names, for example Anton Ivanov = aivanov or a_ivanov. Accordingly, below are links to a large set of Russian first names and surnames:
This repository contains an archive of a wordlist with a basic set of 2.5 million combinations of the form aivanov.
Mitigations:
- Update the Kaiten software to the latest version
- Implement a basic CAPTCHA or rate limits on the login endpoint
- Do not return error responses that reveal whether a login or e-mail address exists (fix yourself)
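A hypothetical login handler illustrating the last two mitigations (added example code, not Kaiten's implementation and not the PoC script): the weak variant answers differently for an unknown login and a wrong password, so account existence leaks without any valid password, while the hardened variant returns one generic message and throttles a client after a few failures. The user store, client identifiers and thresholds are constructed placeholders.

```python
import hashlib
import hmac
import time
from collections import defaultdict
from typing import Optional

# Constructed in-memory user store: login -> hex SHA-256 of the password.
# (Hypothetical; a real service stores a slow password hash such as argon2/bcrypt.)
USERS = {"aivanov": hashlib.sha256(b"correct horse battery staple").hexdigest()}
# Dummy digest compared against when the login is unknown, so both paths do equal work.
DUMMY_HASH = hashlib.sha256(b"placeholder-for-missing-user").hexdigest()


def weak_login(login: str, password: str) -> str:
    """Leaky handler: the message reveals whether the login exists."""
    if login not in USERS:
        return "unknown user"
    if USERS[login] != hashlib.sha256(password.encode()).hexdigest():
        return "wrong password"
    return "ok"


# Hardened handler: generic failure message plus a per-client sliding-window limit.
MAX_ATTEMPTS = 5        # failed attempts allowed per window (constructed value)
WINDOW_SECONDS = 60     # sliding window length in seconds (constructed value)
_failures = defaultdict(list)   # client_id -> timestamps of recent failed attempts


def _rate_limited(client_id: str, now: float) -> bool:
    """Drop expired failures for this client and report whether it is over the limit."""
    recent = [t for t in _failures[client_id] if now - t < WINDOW_SECONDS]
    _failures[client_id] = recent
    return len(recent) >= MAX_ATTEMPTS


def hardened_login(client_id: str, login: str, password: str,
                   now: Optional[float] = None) -> str:
    """Same answer for unknown user and wrong password; throttles repeated failures."""
    now = time.time() if now is None else now
    if _rate_limited(client_id, now):
        return "too many attempts"          # returned before any credential check
    expected = USERS.get(login, DUMMY_HASH)
    supplied = hashlib.sha256(password.encode()).hexdigest()
    # Constant-time comparison is always performed, even for a missing login.
    ok = hmac.compare_digest(expected, supplied) and login in USERS
    if not ok:
        _failures[client_id].append(now)
        return "invalid credentials"        # identical for both failure causes
    return "ok"
```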