Exploit Details
Basic Information
| Exploit Title | Grokability Snipe-IT 8.0.4 – Insecure Direct Object Reference (IDOR) |
|---|---|
| Exploit ID | EDB-ID:52282 |
| Type | exploitdb |
| Published | 2025-05-06T00:00:00 |
| Modified | 2025-05-06T00:00:00 |
CVSS Information
| CVSS Score | 5.0 |
|---|---|
| Severity | MEDIUM |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N |
CVE Information
- CVE-2025-47226
Exploit Description
Exploit Code
# Google Dork: N/A
# Date: 2025-05-02
# Exploit Author: Sn1p3r-H4ck3r (Siripong Jintung)
# Vendor Homepage: https://snipeitapp.com
# Software Link: https://github.com/grokability/snipe-it
# Version: <= 8.0.4
# Tested on: Ubuntu 22.04 LTS, Apache2 + MySQL + PHP 8.1
# CVE: CVE-2025-47226
# Vulnerability Description:
Snipe-IT <= 8.0.4 contains an Insecure Direct Object Reference (IDOR) vulnerability in the
`/locations/
department to gain access to asset assignment data belonging to other departments by modifying
the `location_id` in the URL.
# Steps to Reproduce:
1. Authenticate with a low-privileged account assigned to `location_id = 2`.
2. Access the print preview page:
https://
3. Modify the URL to:
https://
4. The application will disclose inventory/assignment information for location ID 1,
even if the user should not have access.
# Impact:
– Unauthorized access to internal asset and inventory information.
– Potential for lateral data exposure between departments in the same organization.
– Disclosure of asset IDs, assignees, and location metadata.
# Mitigation:
Update to **Snipe-IT v8.1.0** or higher where access control validation has been corrected.
# References:
– Patch PR: https://github.com/grokability/snipe-it/pull/16672
– CVE Record: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47226
– Release Notes: https://github.com/grokability/snipe-it/releases/tag/v8.1.0