← Advisories

QiHang Media Web (QH.aspx) Digital Signage 3.0.9 Cookie User Password Disclosure

Medium
Advisory ID
ZSL-2020-5578
Release Date
13 August 2020
Vendor
Shenzhen Xingmeng Qihang Media Co., Ltd., Guangzhou Hefeng Automation Technology Co., Ltd. - http://www.howfor.com
Affected Version
3.0.9.0
CVE
CVE-2020-36914
Tested On
Microsoft Windows Server 2012 R2 Datacenter, Microsoft Windows Server 2003 Enterprise Edition, ASP.NET 4.0.30319, HowFor Web Server/5.6.0.0, Microsoft ASP.NET Web QiHang IIS Server
Summary

Digital Signage Software.

Description

The application suffers from a cleartext transmission/storage of sensitive information in a cookie. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

Proof of Concept
qhsignage_cookie.txtTXT
Disclosure Timeline
27.07.2020Vulnerability discovered.
28.07.2020Vendor contacted.
31.07.2020No response from the vendor.
10.08.2020Vendor contacted.
12.08.2020No response from the vendor.
13.08.2020Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
[1]https://packetstormsecurity.com/files/158858
[2]https://exchange.xforce.ibmcloud.com/vulnerabilities/186770
[3]https://cxsecurity.com/issue/WLB-2020080059
[4]https://www.cve.org/CVERecord?id=CVE-2020-36914
Changelog
13.08.2020Initial release
14.08.2020Added reference [1], [2] and [3]
24.03.2026Added reference [4]