Security Advisories
Welcome to the linqi Security Advisory page. The security of our software products and the protection of your data are our highest priorities. On this page, we provide transparent information about identified and resolved security vulnerabilities (CVEs), share technical details, and provide the corresponding patches. We strongly recommend that you install the security updates listed here in your systems in a timely manner.
Would you like to report a vulnerability to us? Please review our Vulnerability Disclosure Policy.
Security Bulletins
Security Advisory: LDAP Injection in linqi
Advisory ID: SEC-2024-001
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33868
- Vulnerability Type: LDAP Injection (CWE-90)
- Severity: Critical
- CVSS Base Score: 9.8
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
A security vulnerability in the handling of LDAP queries was discovered in the affected versions of our software. When processing user input on Windows systems, specific LDAP characters are not sufficiently sanitized. This allows a remote attacker to inject malicious LDAP control characters (LDAP Injection).
Solution (Patch)
The issue has been fully resolved in version 1.4.0.1. We strongly recommend that all customers update their systems to the latest version as soon as possible.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.
Security Advisory: Hardcoded Password Salt in linqi
Advisory ID: SEC-2024-002
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33867
- Vulnerability Type: Use of Hard-coded Password / Salt (CWE-259)
- Severity: Medium
- CVSS Base Score: 4.8
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
In versions prior to 1.4.0.1, it was identified that the software uses a hardcoded password salt. A hardcoded cryptographic salt reduces the security of hashed passwords, as attackers with access to the source code or binaries can extract the salt and reuse it for dictionary or rainbow table attacks.
Solution (Patch)
The issue has been fully resolved in version 1.4.0.1. We recommend a timely update to this version.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.
Security Advisory: Cross-Site Scripting (XSS) in DocumentTemplate API
Advisory ID: SEC-2024-003
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33866
- Vulnerability Type: Cross-site Scripting / XSS (CWE-79)
- Severity: Medium
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
A vulnerability regarding improper neutralization of input during web page generation was found in the linqi application. The endpoint /api/DocumentTemplate/{GUID} is susceptible to Cross-Site Scripting (XSS). This allows an attacker to execute malicious scripts in a victim's browser.
Solution (Patch)
The issue has been fully resolved in version 1.4.0.1. Please install the corresponding update.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.
Security Advisory: NTLM Hash Leak via API Endpoints
Advisory ID: SEC-2024-004
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33865
- Vulnerability Type: Exposure of Sensitive Information (CWE-200)
- Severity: High
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
A vulnerability in the endpoints /api/Cdn/GetFile and /api/DocumentTemplate/{GUID} allows the unauthorized exposure of sensitive information. Through a specifically crafted request, an NTLM hash leak can occur, allowing attackers to intercept the server's NTLM authentication hashes.
Solution (Patch)
The issue has been resolved in version 1.4.0.1. We recommend an immediate update for all customers.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.
Security Advisory: Server-Side Request Forgery (SSRF) via Document Template Generation
Advisory ID: SEC-2024-005
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33864
- Vulnerability Type: Server-Side Request Forgery / SSRF
- Severity: High
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
An SSRF (Server-Side Request Forgery) vulnerability was discovered in the document template generation process. By embedding remote images during PDF generation via malicious JavaScript, attackers can induce the server to execute server-side requests to arbitrary internal or external systems. Local file inclusion is also possible through this vector.
Solution (Patch)
The vulnerability was closed with the update to version 1.4.0.1. Please update the affected systems.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.
Security Advisory: Local File Inclusion in GetFile API
Advisory ID: SEC-2024-006
Release Date: May 14, 2024
Status: Resolved
Overview
- CVE-ID: CVE-2024-33863
- Vulnerability Type: Local File Inclusion / LFI
- Severity: Critical
- CVSS Base Score: 9.8
Affected Products
- linqi for Windows – All versions prior to 1.4.0.1
Description
A critical vulnerability was found in the API endpoint /api/Cdn/GetFile. Due to insufficient validation of file paths, a Local File Inclusion (LFI) vulnerability exists. An attacker can exploit this vulnerability to read arbitrary local files from the server's file system, leading to severe information disclosure.
Solution (Patch)
This critical issue was patched in version 1.4.0.1. We strongly recommend installing the update immediately.
Credits
We would like to thank Arnoldas Radisauskas from the NATO Cyber Security Centre (NCSC) for his professional report and cooperation.