CVE-2023-45670
Frigate cross-site request forgery in `config_save` and `config_set` request handlers
- Severity Score
- Exploit Likelihood
- Affected Versions
- Public Exploits: 1
- Exploited in Wild: -
- Decision
Descriptions
Frigate is an open source network video recorder. Prior to version 0.13.0 Beta 3, the `config/save` and `config/set` endpoints of Frigate do not implement any CSRF protection. This makes it possible for a request sourced from another site to update the configuration of the Frigate server (e.g. via a "drive-by" attack). Exploiting this vulnerability requires the attacker to know very specific information about a user's Frigate server and requires an authenticated user to be tricked into clicking a specially crafted link to their Frigate instance. This vulnerability could be exploited by an attacker under the following circumstances: Frigate is publicly exposed to the internet (even with authentication); the attacker knows the address of a user's Frigate instance; the attacker crafts a specialized page which links to the user's Frigate instance; the attacker finds a way to get an authenticated user to visit their specialized page and click the button/link. This issue can lead to arbitrary configuration updates for the Frigate server, resulting in denial of service and possible data exfiltration. Version 0.13.0 Beta 3 contains a patch.
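The description above says the `config/save` and `config/set` handlers accepted state-changing requests with no CSRF protection, so the ambient session cookie was the only gate. The following is an added example, not Frigate's code and not its actual 0.13.0 Beta 3 fix, showing the two standard defences a configuration-changing handler applies: an Origin/Referer check against the instance's own origin, and a per-session anti-CSRF token that a foreign page cannot read. All names and sample values (`ALLOWED_ORIGINS`, `TOKEN_SECRET`, `authorize_config_change`, the constructed request headers) are assumptions made for the illustration.

```python
import hmac
import hashlib
from urllib.parse import urlsplit

# Constructed placeholder: the origin the Frigate UI is actually served from.
# A real deployment would derive this from its configured external URL.
ALLOWED_ORIGINS = {"https://frigate.example.internal"}

# Constructed placeholder for the server-side secret that tokens derive from.
TOKEN_SECRET = b"constructed-demo-secret-do-not-reuse"


def request_origin(headers):
    """Return the scheme://host[:port] a browser request came from, or None.

    Browsers send Origin on cross-origin POSTs (and most send it on same-origin
    POSTs too); fall back to Referer for clients that only send that. Header
    names are matched case-insensitively, as HTTP requires.
    """
    lowered = {k.lower(): v for k, v in headers.items()}
    origin = lowered.get("origin")
    if origin:
        return origin.rstrip("/")
    referer = lowered.get("referer")
    if referer:
        parts = urlsplit(referer)
        if parts.scheme and parts.netloc:
            return f"{parts.scheme}://{parts.netloc}"
    return None


def origin_allowed(headers, allowed=ALLOWED_ORIGINS):
    """A state-changing request with unknown or foreign provenance is refused."""
    origin = request_origin(headers)
    return origin is not None and origin in allowed


def issue_csrf_token(session_id, secret=TOKEN_SECRET):
    """Token bound to the session; a third-party page cannot read or forge it."""
    return hmac.new(secret, session_id.encode(), hashlib.sha256).hexdigest()


def token_valid(session_id, presented, secret=TOKEN_SECRET):
    """Constant-time comparison against the token this session should hold."""
    if not presented:
        return False
    return hmac.compare_digest(issue_csrf_token(session_id, secret), presented)


def authorize_config_change_vulnerable(headers, session_id):
    """Shape of the pre-0.13.0 Beta 3 behaviour described above: the only gate
    is the session cookie, which the browser attaches to a cross-site request
    automatically. Kept here for contrast only."""
    return bool(session_id)


def authorize_config_change(headers, session_id):
    """Hardened gate for a config/save or config/set style request.

    Returns (allowed, reason). Both checks must pass: the origin check stops
    the drive-by case outright, and the token covers clients that omit Origin
    and Referer entirely.
    """
    if not session_id:
        return False, "unauthenticated"
    if not origin_allowed(headers):
        return False, "cross-site or unknown origin"
    lowered = {k.lower(): v for k, v in headers.items()}
    if not token_valid(session_id, lowered.get("x-csrf-token")):
        return False, "missing or invalid CSRF token"
    return True, "ok"


# Constructed sample requests. Both carry the same session cookie, because a
# browser adds it regardless of which page initiated the request.
SESSION = "sess-constructed-1234"

SAME_SITE_REQUEST = {
    "Cookie": f"session={SESSION}",
    "Origin": "https://frigate.example.internal",
    "X-CSRF-Token": issue_csrf_token(SESSION),
    "Content-Type": "application/json",
}

CROSS_SITE_REQUEST = {
    "Cookie": f"session={SESSION}",
    "Origin": "https://third-party.example",
    "Content-Type": "application/x-www-form-urlencoded",
}


if __name__ == "__main__":
    for name, req in (("same-site", SAME_SITE_REQUEST), ("cross-site", CROSS_SITE_REQUEST)):
        print(name, "vulnerable gate:", authorize_config_change_vulnerable(req, SESSION),
              "| hardened gate:", authorize_config_change(req, SESSION))
```

Running the block shows the contrast the advisory describes: the vulnerable gate accepts the cross-site request because the cookie is present, while the hardened gate rejects it on origin before the token is even consulted. Rejecting requests that carry neither Origin nor Referer is deliberate; allowing them would reopen the hole for any client that strips those headers.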
CVSS Scores
SSVC
- Decision: -
Timeline
- 2023-10-10 CVE Reserved
- 2023-10-30 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-11-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-352: Cross-Site Request Forgery (CSRF)
CAPEC
References (6)
URL | Date | SRC
---|---|---
https://github.com/blakeblackshear/frigate/security/advisories/GHSA-xq49-hv88-jr6h | 2024-08-02 | 
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Frigate | Frigate | <= 0.13.0 | - | Affected
Frigate | Frigate | 0.13.0 | beta1 | Affected
Frigate | Frigate | 0.13.0 | beta2 | Affected