
rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass

Critical
Advisory ID
ZSL-2020-5572
Release Date
05 July 2020
Vendor
rauLink Software (raulsoria)
Affected Version
2.0
CVE
N/A
Tested On
Apache/2.4.6 (Ubuntu), PHP/5.5.3-1ubuntu2.6, phpPgAdmin/5.1
Summary

Smart home automation software.

Description

The application suffers from an SQL injection vulnerability. Input passed through the 'usuario' POST parameter to registraUsuario is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and to bypass the authentication mechanism.
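The defect class described above, shown as an added PHP illustration that is not code from the rauLink Domotica Web 2.0 application: a lookup that concatenates the 'usuario' parameter into the query text beside a hardened version that binds it as a parameter. The PostgreSQL connection $db, the table usuarios and the columns id, usuario and clave are assumptions; only the 'usuario' POST parameter comes from the advisory.

```php
<?php
// Added illustration, not code from the rauLink Domotica Web 2.0 application.
// Assumptions: a PostgreSQL connection $db and a table "usuarios" with the
// columns "id", "usuario" and "clave" (a password hash). Only the 'usuario'
// POST parameter is taken from the advisory.

// BEFORE (vulnerable): the untrusted value is spliced into the SQL text, so
// quotes and operators inside it become part of the statement's logic.
function buscaUsuarioVulnerable($db, array $post)
{
    $usuario = $post['usuario'];
    $sql = "SELECT id, clave FROM usuarios WHERE usuario = '" . $usuario . "'";
    return pg_query($db, $sql);   // user-controlled SQL reaches the server
}

// AFTER (hardened): the query text is fixed and the value travels separately
// as a bound parameter, so the database never parses it as SQL.
function buscaUsuarioSeguro($db, array $post)
{
    if (!isset($post['usuario']) || !is_string($post['usuario'])) {
        return null;
    }
    $usuario = $post['usuario'];
    // Allow-list check as defence in depth (not a substitute for binding):
    // reject anything that is not a plausible username before querying.
    if (!preg_match('/^[A-Za-z0-9_.@-]{1,64}$/', $usuario)) {
        return null;
    }
    $res = pg_query_params(
        $db,
        'SELECT id, clave FROM usuarios WHERE usuario = $1',
        array($usuario)
    );
    if ($res === false) {
        return null;
    }
    $row = pg_fetch_assoc($res);
    return is_array($row) ? $row : null;
}

// The password check happens in PHP against the stored hash, so a WHERE
// clause built from user input can no longer decide who is authenticated.
function autenticaUsuario($db, array $post)
{
    $row = buscaUsuarioSeguro($db, $post);
    if ($row === null || !isset($post['clave']) || !is_string($post['clave'])) {
        return false;
    }
    return password_verify($post['clave'], $row['clave']);
}
```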

Proof of Concept
Disclosure Timeline
N/A
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
05.07.2020 Initial release
07.07.2020 Added reference [1]
19.07.2020 Added reference [2]
20.07.2020 Added reference [3]