BUG_Author: s0l42

Affected Version: TinyWebServer ≤ 1.0

Vendor: TinyWebServer GitHub Repository

Software: TinyWebServer

Vulnerability Files: http/http_conn.cpp (lines 459-498)

Description:

Improper Authentication found in http/http_conn.cpp:459-498 of TinyWebServer ≤ 1.0: the server does not check whether the user is authenticated; it only compares the URL supplied by the user and directs the request to the corresponding page. Properly, there should be a flag identifying whether the user has authenticated, and protected pages should be served only when that flag is set.

When we request URLs /5 to /7, they are served without any authentication.

PoC

http://ip:port/5

http://ip:port/6

http://ip:port/7

These pages are designed to be accessed only after authentication.
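To make the fix concrete, here is an added example (not TinyWebServer's own code) contrasting the URL-only dispatch the report describes with a version gated on a per-connection authenticated flag; the page names, the Session struct and the '0'/'1' mappings are assumptions, while /5, /6 and /7 being post-login pages comes from the report.

```cpp
#include <cassert>
#include <cstring>
#include <string>
// Hypothetical model of the dispatch routine, written for this note and not
// taken from TinyWebServer: the page is chosen by the character after the
// last '/' in the request URL; 5, 6 and 7 are the post-login pages.
enum class Page { Register, Login, Picture, Video, Fans, NotFound, Forbidden };

// Per-connection state; set only by the login path after credential checks.
struct Session { bool authenticated = false; };

// Vulnerable shape: page selection depends on the URL text alone, so
// /5, /6 and /7 are served to anyone who requests them.
Page dispatch_unchecked(const std::string &url) {
    const char *p = std::strrchr(url.c_str(), '/');
    if (p == nullptr || *(p + 1) == '\0') return Page::NotFound;
    switch (*(p + 1)) {
        case '0': return Page::Register;
        case '1': return Page::Login;
        case '5': return Page::Picture;
        case '6': return Page::Video;
        case '7': return Page::Fans;
        default:  return Page::NotFound;
    }
}

// Pages that sit behind the login wall.
bool requires_auth(Page pg) {
    return pg == Page::Picture || pg == Page::Video || pg == Page::Fans;
}

// Hardened shape: resolve the page, then gate protected pages on the
// session flag instead of trusting the URL.
Page dispatch_checked(const std::string &url, const Session &s) {
    Page pg = dispatch_unchecked(url);
    return (requires_auth(pg) && !s.authenticated) ? Page::Forbidden : pg;
}

// One request on a connection whose login state is `logged_in`.
Page handle_request(const std::string &url, bool logged_in) {
    Session s; s.authenticated = logged_in;
    return dispatch_checked(url, s);
}

int main() {
    assert(dispatch_unchecked("/5") == Page::Picture);      // anyone gets the page
    assert(handle_request("/5", false) == Page::Forbidden); // now refused
    assert(handle_request("/5", true) == Page::Picture);    // allowed after login
}
```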