Security researchers have uncovered multiple critical vulnerabilities in Appsmith, a popular open-source developer platform for building internal applications.

The PostgreSQL authentication configuration file (pg_hba.conf) contained settings that allowed any local user to connect as any PostgreSQL user without requiring a password. The vulnerability became exploitable because Appsmith’s default configuration allows new user signups. An attacker could register an account, create a workspace, add a new application, and then connect to the misconfigured local PostgreSQL database. Once connected, the attacker could leverage PostgreSQL’s COPY FROM PROGRAM function to execute arbitrary system commands with the privileges of the PostgreSQL user. This simple sequence allowed attackers to create a temporary table, execute the Unix ‘cat’ command to read system files, retrieve the results, and remove evidence by dropping the table.

CVE-2024-55964: An Insecure Direct Object Reference vulnerability allowed users with minimal “App Viewer” permissions to access SQL databases by exploiting predictable datasource IDs and the “/api/v1/datasources/[datasource-id]/schema-preview” API endpoint.

CVE-2024-55965: A Denial of Service vulnerability enabled users with limited permissions to repeatedly trigger application restarts via a broken access control in the restart API functionality.

CVE-2024-55963 (Remote Code Execution): Patched in version 1.52 with PR #37068, which hardened the PostgreSQL configuration and implemented password-based authentication for the internal database.
CVE-2024-55964 (IDOR): This was fixed in version 1.49 with PR #37308, adding proper role-based access controls to the vulnerable API endpoint.
CVE-2024-55965 (Denial of Service): Resolved in version 1.48 with PR #37227, implementing proper access control checks for the restart functionality.

The security researchers have published detailed technical analyses and detection tools, including Nuclei templates for scanning vulnerable instances.

Kaaviya is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 26 Mar 2025 07:45:09 +0000
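
A defender-side check for the pg_hba.conf weakness described above, as an added example that is not from the article, the researchers or Appsmith: it parses a pg_hba.conf and reports every rule that uses `trust`, the PostgreSQL method that admits a connection without a password. The sample file is constructed for illustration and is not Appsmith's shipped configuration; the function names are hypothetical.

```python
import shlex

# Authentication methods PostgreSQL accepts in pg_hba.conf.
METHODS = {"trust", "reject", "scram-sha-256", "md5", "password", "gss", "sspi",
           "ident", "peer", "pam", "ldap", "radius", "cert", "bsd"}
LOOPBACK = {"127.0.0.1/32", "::1/128", "localhost", "samehost",
            "127.0.0.1 255.255.255.255"}

def parse_hba(text):
    """Yield (lineno, conn_type, database, user, address, method) for each rule."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = shlex.split(raw, comments=True)   # drops '#' comments, honours quotes
        if not fields or fields[0].startswith("include"):
            continue
        if fields[0] == "local" and len(fields) >= 4:
            yield lineno, "local", fields[1], fields[2], None, fields[3]
        elif fields[0].startswith("host") and len(fields) >= 5:
            if fields[4] in METHODS:               # CIDR or hostname form
                yield lineno, fields[0], fields[1], fields[2], fields[3], fields[4]
            elif len(fields) >= 6:                 # "IP-address IP-mask" form
                yield (lineno, fields[0], fields[1], fields[2],
                       fields[3] + " " + fields[4], fields[5])

def audit(text):
    """Return one finding per rule that authenticates with 'trust'."""
    findings = []
    for lineno, ctype, db, user, addr, method in parse_hba(text):
        if method != "trust":
            continue
        scope = "local" if ctype == "local" or addr in LOOPBACK else "network"
        findings.append({"line": lineno, "scope": scope,
                         "any_role": user == "all", "any_db": db == "all"})
    return findings

# Constructed sample, not a real deployment's file.
SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS              METHOD
local   all       all                        trust
host    all       all   127.0.0.1/32         trust
host    all       all   ::1/128              scram-sha-256
host    appdb     app   10.0.0.0 255.0.0.0   md5
"""

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"line {f['line']}: trust auth, scope={f['scope']}, "
              f"any_role={f['any_role']}, any_db={f['any_db']}")
```

The check reports every `trust` rule it finds and does not model pg_hba.conf's first-match ordering, so a flagged rule that sits below an earlier matching rule still needs a manual look.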