UPDATE PATCH [RDP Proxy IDOR Vulnerability]
Description: A security vulnerability known as IDOR (Insecure Direct Object Reference) has been discovered in Remote Desktop Protocol (RDP) connections. This vulnerability allowed unauthorized access to target devices by manipulating the encoded URL used in the connection. To exploit this vulnerability, all information in the encoded URL and the values stored in Single Connect had to be correct and in the correct order.
Affected Release: Single Connect 2.16
Resolution: Immediate action was taken to resolve the issue and the problem was fixed in the Single Connect 2.16.1 release. The resolution involved addressing the vulnerability and implementing measures to prevent a similar situation from happening in future releases. The quick response to this vulnerability ensured that the security of RDP connections was maintained, and users could continue using the service without any interruption.
Update Instructions: To update the RDP package and copy it to the correct path, follow these steps:
- Download the latest RDP package from this link. (md5sum: 6fea2b58915854b663f43fdf4516522a) @
- Copy the package to Single Connect server.
- Open a terminal, stop the web server application using the following command: systemctl stop netright-tomcat
- Navigate to the directory where the package is uploaded.
- Extract the contents of the package using the following command: tar -xvzf rdp-fix.tar.gz
- Navigate to the extracted directory using the following command: cd rdp-fix
- Copy the contents of the extracted directory to the related path using the following command: cp rdp-ui.war /u01/netright-tomcat/webapp
- Restart the web server application using the following command: systemctl start netright-tomcat
- Verify the installation by accessing the target server using RDP proxy.