Security flaw in India Post server revealed by researcher

French security researcher Robert Baptiste, who goes by Elliot Anderson on Twitter, has been revealing cybersecurity flaws in Indian systems for a while now. This time, he has reported a vulnerability on the India Post server that allows remote code execution.

Baptiste in fact reported this flaw on behalf of an Indian researcher who chose to remain anonymous because of the legal implications under Indian law.

An India Post subdomain, digitization.indiapost.gov.in, was affected by an Apache vulnerability, CVE-2017-5638. This meant that an attacker would be able to run code on the India Post server, as shown below:

The flaws exposed employees' bank details as well as databases of sensitive information. He posted several screenshots of the files he was able to access by exploiting the flaw.

He also revealed that he was not the first person to exploit these flaws, and posted screenshots that show activity from almost a year ago, on 14th April, 2017.

The vulnerability has since been fixed, leading to Elliot Anderson tweeting out the details of this recent hack.
