CVE-2025-34081
BaseFortify
Publication date: 2025-07-01
Last updated on: 2025-11-04
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
| Metric | Value |
|---|---|
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| contec | conprosys_hmi_system | all versions before 3.7.7 (3.7.7 itself excluded) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-215 | The product inserts sensitive information into debugging code, which could expose this information if the debugging code is not disabled in production. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves the Contec Co., Ltd. CONPROSYS HMI System (CHS) exposing a PHP phpinfo() debug page to unauthenticated users. This debug page may contain sensitive information that could be useful to an attacker. The issue affects versions of CONPROSYS HMI System (CHS) before 3.7.7.
How can this vulnerability impact me?
The exposure of the phpinfo() debug page to unauthenticated users can lead to the disclosure of sensitive system information, which attackers could use to identify weaknesses or plan further attacks. This could compromise system security and potentially lead to unauthorized access or data breaches.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if the CONPROSYS HMI System (CHS) exposes a phpinfo() debug page accessible without authentication. For example, you can use a command like: curl -I http://<target-ip-or-host>/path_to_phpinfo_page.php to see if the page is accessible and returns sensitive information.
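As an added example (not BaseFortify's, Contec's or the advisory's own code), the following Python turns the check above into a repeatable test: it fetches a candidate URL with an unauthenticated GET (a HEAD request, as sent by curl -I, returns no body, so the phpinfo() markers cannot be seen that way), decides whether the response is a stock phpinfo() page, and lists which sensitive rows it discloses. The sample body, hostname and page path are constructed assumptions, since the advisory does not give the CHS path.

```python
"""Classify an HTTP response as a phpinfo() page and list the sensitive
rows it leaks. Example code, not from the advisory or the vendor."""
import re
import urllib.error
import urllib.request

# Rows of the stock phpinfo() table a defender treats as sensitive disclosure.
SENSITIVE_ROWS = {
    "System": "os_and_kernel",
    "Loaded Configuration File": "php_ini_path",
    "DOCUMENT_ROOT": "document_root",
    "SCRIPT_FILENAME": "script_path",
    "SERVER_ADDR": "internal_address",
}
# phpinfo() renders each row as <tr><td class="e">Name </td><td class="v">Value </td></tr>
ROW_RE = re.compile(r'<tr><td class="e">\s*([^<]+?)\s*</td><td class="v">\s*([^<]*?)\s*</td>', re.I)
VERSION_RE = re.compile(r"PHP Version\s+([\w.\-]+)")

# Constructed sample body (hostname, version and paths are made up).
SAMPLE_BODY = """<html><head><title>PHP 7.4.3 - phpinfo()</title></head><body>
<h1 class="p">PHP Version 7.4.3</h1><table>
<tr><td class="e">System </td><td class="v">Linux example-hmi 4.19.0 #1 SMP x86_64 </td></tr>
<tr><td class="e">Loaded Configuration File </td><td class="v">/etc/php/7.4/apache2/php.ini </td></tr>
<tr><td class="e">DOCUMENT_ROOT </td><td class="v">/var/www/html </td></tr>
<tr><td class="e">SERVER_ADDR </td><td class="v">192.0.2.10 </td></tr>
</table><h2>PHP License</h2></body></html>"""


def analyze_response(status, body):
    """Return {'is_phpinfo': bool, 'disclosed': {field: value}} for one response."""
    # Require a successful unauthenticated response plus two independent phpinfo fingerprints.
    markers = [bool(re.search(r"<title>[^<]*phpinfo\(\)", body, re.I)),
               "PHP Version" in body, "PHP License" in body]
    is_phpinfo = status == 200 and sum(markers) >= 2
    disclosed = {}
    if is_phpinfo:
        m = VERSION_RE.search(body)
        if m:
            disclosed["php_version"] = m.group(1)
        for name, value in ROW_RE.findall(body):
            if name in SENSITIVE_ROWS:
                disclosed[SENSITIVE_ROWS[name]] = value
    return {"is_phpinfo": is_phpinfo, "disclosed": disclosed}


def check_url(url, timeout=10):
    """GET `url` with no credentials (HEAD returns no body) and analyze it."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return analyze_response(resp.status, resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # e.g. 401/403 means the page is gated
        return analyze_response(e.code, "")
```

Run check_url("http://<your-chs-host>/<candidate-page>.php") against an asset you own; a result with is_phpinfo True and a non-empty disclosed dict reproduces the exposure described above.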
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the phpinfo() debug page by removing or disabling it in the CONPROSYS HMI System (CHS) before version 3.7.7, or applying access controls to prevent unauthenticated users from accessing it. Upgrading the system to version 3.7.7 or later, where this issue is fixed, is also recommended.