Zoho QEngine Vulnerable to Arbitrary File Read Attack
🗂️ Zoho QEngine exposed to an arbitrary file read vulnerability. A security researcher discovered that Zoho QEngine, a test automation tool, is susceptible to an arbitrary file read attack through its openURL() function. By pointing the function at the file:// protocol instead of a web URL, the researcher was able to retrieve the contents of the /etc/passwd file from the isolated Docker environment used by QEngine. Although the risk is mitigated by the isolation Docker provides, the researcher emphasized that such vulnerabilities could have severe implications if exploited in a non-isolated environment. The findings were reported to Zoho’s Bug Bounty program, which acknowledged the issue and rewarded the researcher. Key recommendations include strict validation of user-supplied input and not relying solely on Docker for security.
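The recommendation above, strict input validation before a URL is handed to a browser-automation opener, can be implemented as a scheme allowlist. The following is an added example written for this summary; it is not Zoho QEngine's code, and the names `validate_url`, `check_url`, `safe_open_url` and the allowed-scheme set are assumptions. It accepts only `http`/`https` URLs with a host, and rejects `file:`, `javascript:`, scheme-relative and host-less forms regardless of case or surrounding whitespace.

```python
"""Allowlist validation for URLs passed to an openURL()-style helper.

Added illustration, not Zoho QEngine's own code. Function names and the
ALLOWED_SCHEMES set are assumptions made for this example.
"""
from urllib.parse import urlsplit

# Only web schemes are allowed; everything else (file, javascript, data,
# scheme-relative "//host" forms) is rejected before reaching the opener.
ALLOWED_SCHEMES = frozenset({"http", "https"})


class UnsafeURLError(ValueError):
    """Raised when a URL fails the allowlist check."""


def validate_url(url):
    """Return the trimmed URL if it passes the allowlist, else raise."""
    if not isinstance(url, str):
        raise UnsafeURLError("URL must be a string")
    candidate = url.strip()
    # Embedded whitespace or control characters are never legitimate here.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in candidate):
        raise UnsafeURLError("URL contains whitespace or control characters")
    parts = urlsplit(candidate)
    # urlsplit lowercases the scheme, so FILE:// and file:// are treated alike.
    if parts.scheme not in ALLOWED_SCHEMES:
        raise UnsafeURLError(f"scheme {parts.scheme!r} is not allowed")
    # http:///etc/passwd parses with an allowed scheme but no host; reject it.
    if not parts.hostname:
        raise UnsafeURLError("URL has no host")
    return candidate


def check_url(url):
    """Non-raising variant: (allowed, reason) for logging denied attempts."""
    try:
        validate_url(url)
        return True, "ok"
    except UnsafeURLError as exc:
        return False, str(exc)


def safe_open_url(url, opener):
    """Validate first, then delegate to the real opener callable."""
    return opener(validate_url(url))


if __name__ == "__main__":
    # Constructed sample inputs for a quick self-check.
    samples = [
        "https://example.com/login",
        "file:///etc/passwd",
        "  FILE:///etc/passwd  ",
        "javascript:alert(1)",
        "//example.com/path",
        "http:///etc/passwd",
    ]
    for s in samples:
        print(f"{s!r:32} -> {check_url(s)}")
```

Denied attempts are worth logging with their reason: a burst of `file:` or host-less URLs arriving at the opener is a useful detection signal even when the opener runs inside a container.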
