
COMMAX Biometric Access Control System 1.0.0 Authentication Bypass

Severity: Critical
Advisory ID: ZSL-2021-5661
Release Date: 15 August 2021
Vendor: COMMAX Co., Ltd. - https://www.commax.com
Affected Version: 1.0.0
CVE: N/A
Tested On: nginx/1.14.0 (Ubuntu), MariaDB/10.3.15
Summary

COMMAX Biometric Access Control System 1.0.0 is a web-managed biometric access control product used in smart homes and buildings.

Description

The application suffers from an authentication bypass vulnerability. The server decides whether a request is authenticated based on the contents of a client-supplied cookie, so an unauthenticated attacker who sets the expected cookie value (cookie poisoning) can bypass authentication, disclose sensitive information, and circumvent the physical access controls the system enforces in smart homes and buildings.
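The following is an added, constructed illustration of the vulnerability class the advisory describes, not COMMAX code and not the advisory's proof of concept: a session check that believes a role the client wrote into its own cookie, next to a hardened check that only honours a server-issued, HMAC-signed, server-side-looked-up session token. The cookie names (`user_role`, `session`), the role values and the key handling are assumptions for the example only.

```python
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie

# Constructed illustration of cookie poisoning against a session check.
# It is not COMMAX code; cookie names, role values and key handling are
# assumptions, not facts from the advisory.

ROLE_COOKIE = "user_role"      # hypothetical name of a client-trusted cookie
SESSION_COOKIE = "session"     # hypothetical name of the server-issued cookie


def _parse_cookies(cookie_header: str) -> dict:
    """Parse a raw Cookie: header value into {name: value}."""
    jar = SimpleCookie()
    jar.load(cookie_header)
    return {name: morsel.value for name, morsel in jar.items()}


def weak_is_admin(cookie_header: str) -> bool:
    """Weak check: believes whatever role the client wrote into its cookie.

    Anyone can send 'user_role=admin' with curl or a browser dev tool, so
    this grants admin access to a request that never logged in.
    """
    cookies = _parse_cookies(cookie_header)
    return cookies.get(ROLE_COOKIE) == "admin"


# --- hardened variant ------------------------------------------------------

# Per-deployment secret; generated at start-up here, loaded from protected
# configuration in a real service. Never sent to the client.
_SERVER_KEY = secrets.token_bytes(32)

# Server-side session store: opaque token -> role. The client only ever
# holds the token, never the role itself.
_SESSIONS: dict = {}


def _sign(token: str) -> str:
    return hmac.new(_SERVER_KEY, token.encode(), hashlib.sha256).hexdigest()


def issue_session(role: str) -> str:
    """Create a session for an already-authenticated user and return the
    cookie value '<random token>.<hmac>'."""
    token = secrets.token_urlsafe(32)
    _SESSIONS[token] = role
    return f"{token}.{_sign(token)}"


def hardened_is_admin(cookie_header: str) -> bool:
    """Hardened check: only a correctly signed, server-issued token maps to
    a role, and the role comes from the server-side store, not the cookie."""
    cookies = _parse_cookies(cookie_header)
    value = cookies.get(SESSION_COOKIE)
    if not value:
        return False
    token, sep, sig = value.rpartition(".")
    if not sep or not token or not sig:
        return False
    # Constant-time compare so signature guessing does not leak timing.
    if not hmac.compare_digest(_sign(token).encode(), sig.encode()):
        return False
    return _SESSIONS.get(token) == "admin"


if __name__ == "__main__":
    # Constructed attacker request: no login, just a hand-written cookie.
    forged = "user_role=admin; session=forged-token.0000"
    print("weak check, forged cookie     ->", weak_is_admin(forged))       # True
    print("hardened check, forged cookie ->", hardened_is_admin(forged))   # False
    real = f"session={issue_session('admin')}"
    print("hardened check, issued cookie ->", hardened_is_admin(real))     # True
```

The fix is not "sign the role cookie": keep authorization state on the server and let the cookie carry only an unguessable reference to it, so a client cannot promote itself by editing what it holds. The signature additionally stops a forged or tampered token from ever reaching the session lookup. Set Secure, HttpOnly and an expiry on the session cookie as well; those are orthogonal to the bypass and omitted here.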

Proof of Concept
Disclosure Timeline
02.08.2021 - Vulnerability discovered.
03.08.2021 - Vendor contacted.
04.08.2021 - Vendor contacted.
05.08.2021 - No response from the vendor.
06.08.2021 - Vendor contacted.
14.08.2021 - No response from the vendor.
15.08.2021 - Public security advisory released.
Credits
Vulnerability discovered by Gjoko Krstic
References
Changelog
15.08.2021 - Initial release
23.08.2021 - Added references [1], [2] and [3]