{"id":350,"date":"2023-05-23T12:06:57","date_gmt":"2023-05-23T12:06:57","guid":{"rendered":"https:\/\/nobugescapes.com\/?p=350"},"modified":"2023-08-12T13:39:25","modified_gmt":"2023-08-12T13:39:25","slug":"privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option","status":"publish","type":"post","link":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/","title":{"rendered":"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option"},"content":{"rendered":"\n

CVE-2023-XXXX<\/p>\n\n\n\n

Vulnerability Description:<\/h3>\n\n\n\n

The Bio star 2 web application contains multiple operator levels, each with different privileges. The “Administrator” level has full permissions, while the “User Operator” level does not have all privileges. However, I have discovered a vulnerability that allows an attacker to escalate their privilege from “User Operator” to “System Administrator.” Exploiting this vulnerability requires the attacker to be authenticated and logged in as a “User Operator” on the target website.<\/p>\n\n\n\n

Steps to Reproduce:<\/h3>\n\n\n\n
    \n
  1. Log in to the Bio star 2 dashboard using a “User Operator” account.<\/li>\n\n\n\n
  2. Select two users and click on “Batch edit.” .<\/li>\n<\/ol>\n\n\n\n
    \"\"<\/figure>\n\n\n\n

    3. In the batch edit form, click on “Operator level” and select a user.<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    4. After clicking the “OK” button, a confirmation box will appear.<\/p>\n\n\n\n

    5. Examine the original PUT request made during batch user editing.<\/p>\n\n\n\n

    6. Using a proxy interceptor, modify the following information.<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    The operator user now escalated his Privilege to become a system administrator.<\/em><\/p>\n\n\n\n

    Solution \u2013 Fix & Patch:<\/h3>\n\n\n\n

    Suprema recommend using the latest version of Bio star 2, at the time of publishing the blog | 2022 Q4, v2.9.1.<\/p>\n","protected":false},"excerpt":{"rendered":"

    CVE-2023-XXXX Vulnerability Description: The Bio star 2 web application contains multiple operator levels, each with different privileges. The “Administrator” level has full permissions, while the “User Operator” level does not have all privileges. However, I have discovered a vulnerability that allows an attacker to escalate their privilege from “User Operator” to “System Administrator.” Exploiting this […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[9],"tags":[],"yoast_head":"\nPrivilege Escalation in Bio star 2 Exploitable through Batch Edit Option -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option -\" \/>\n<meta property=\"og:description\" content=\"CVE-2023-XXXX Vulnerability Description: The Bio star 2 web application contains multiple operator levels, each with different privileges. The “Administrator” level has full permissions, while the “User Operator” level does not have all privileges. However, I have discovered a vulnerability that allows an attacker to escalate their privilege from “User Operator” to “System Administrator.” Exploiting this […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-23T12:06:57+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-08-12T13:39:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nobugescapes.com\/wp-content\/uploads\/2023\/05\/image.png\" \/>\n<meta name=\"author\" content=\"Turki\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Turki\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/\",\"url\":\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/\",\"name\":\"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option -\",\"isPartOf\":{\"@id\":\"https:\/\/nobugescapes.com\/#website\"},\"datePublished\":\"2023-05-23T12:06:57+00:00\",\"dateModified\":\"2023-08-12T13:39:25+00:00\",\"author\":{\"@id\":\"https:\/\/nobugescapes.com\/#\/schema\/person\/57e251ce8a555429d986eddcc794e2be\"},\"breadcrumb\":{\"@id\":\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/nobugescapes.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/nobugescapes.com\/#website\",\"url\":\"https:\/\/nobugescapes.com\/\",\"name\":\"\",\"description\":\"No Bug Escapes\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/nobugescapes.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/nobugescapes.com\/#\/schema\/person\/57e251ce8a555429d986eddcc794e2be\",\"name\":\"Turki\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/nobugescapes.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4f25df09dc99e8e956c6f78fb406471d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4f25df09dc99e8e956c6f78fb406471d?s=96&d=mm&r=g\",\"caption\":\"Turki\"},\"sameAs\":[\"https:\/\/nobugescapes.com\"],\"url\":\"https:\/\/nobugescapes.com\/author\/turki\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/","og_locale":"en_US","og_type":"article","og_title":"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option -","og_description":"CVE-2023-XXXX Vulnerability Description: The Bio star 2 web application contains multiple operator levels, each with different privileges. The “Administrator” level has full permissions, while the “User Operator” level does not have all privileges. However, I have discovered a vulnerability that allows an attacker to escalate their privilege from “User Operator” to “System Administrator.” Exploiting this […]","og_url":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/","article_published_time":"2023-05-23T12:06:57+00:00","article_modified_time":"2023-08-12T13:39:25+00:00","og_image":[{"url":"https:\/\/nobugescapes.com\/wp-content\/uploads\/2023\/05\/image.png"}],"author":"Turki","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Turki","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/","url":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/","name":"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option -","isPartOf":{"@id":"https:\/\/nobugescapes.com\/#website"},"datePublished":"2023-05-23T12:06:57+00:00","dateModified":"2023-08-12T13:39:25+00:00","author":{"@id":"https:\/\/nobugescapes.com\/#\/schema\/person\/57e251ce8a555429d986eddcc794e2be"},"breadcrumb":{"@id":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/nobugescapes.com\/blog\/privilege-escalation-in-bio-star-2-exploitable-through-batch-edit-option\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nobugescapes.com\/"},{"@type":"ListItem","position":2,"name":"Privilege Escalation in Bio star 2 Exploitable through Batch Edit Option"}]},{"@type":"WebSite","@id":"https:\/\/nobugescapes.com\/#website","url":"https:\/\/nobugescapes.com\/","name":"","description":"No Bug Escapes","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nobugescapes.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/nobugescapes.com\/#\/schema\/person\/57e251ce8a555429d986eddcc794e2be","name":"Turki","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/nobugescapes.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4f25df09dc99e8e956c6f78fb406471d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4f25df09dc99e8e956c6f78fb406471d?s=96&d=mm&r=g","caption":"Turki"},"sameAs":["https:\/\/nobugescapes.com"],"url":"https:\/\/nobugescapes.com\/author\/turki\/"}]}},"_links":{"self":[{"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/posts\/350"}],"collection":[{"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/comments?post=350"}],"version-history":[{"count":3,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/posts\/350\/revisions"}],"predecessor-version":[{"id":368,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/posts\/350\/revisions\/368"}],"wp:attachment":[{"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/media?parent=350"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/categories?post=350"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nobugescapes.com\/wp-json\/wp\/v2\/tags?post=350"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}