rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass
Title: rauLink Software Domotica Web 2.0 SQL Injection Authentication Bypass
Advisory ID: ZSL-2020-5572
Type: Local/Remote
Impact: Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data
Risk: (5/5)
Release Date: 05.07.2020
PHP/5.5.3-1ubuntu2.6
phpPgAdmin/5.1
[2] https://cxsecurity.com/issue/WLB-2020070026
[3] https://exchange.xforce.ibmcloud.com/vulnerabilities/184654
[07.07.2020] - Added reference [1]
[19.07.2020] - Added reference [2]
[20.07.2020] - Added reference [3]
Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2020-5572
Type: Local/Remote
Impact: Exposure of System Information, Exposure of Sensitive Information, Manipulation of Data
Risk: (5/5)
Release Date: 05.07.2020
Summary
Smart home automation software.Description
The application suffers from an SQL Injection vulnerability. Input passed through 'usuario' POST parameter in registraUsuario is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and bypass the authentication mechanism.Vendor
rauLink Software (raulsoria)Affected Version
2.0Tested On
Apache/2.4.6 (Ubuntu)PHP/5.5.3-1ubuntu2.6
phpPgAdmin/5.1
Vendor Status
N/APoC
domoticaraul_auth.txtCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] https://packetstormsecurity.com/files/158318/rauLink-Software-Domotica-Web-2.0-SQL-Injection.html[2] https://cxsecurity.com/issue/WLB-2020070026
[3] https://exchange.xforce.ibmcloud.com/vulnerabilities/184654
Changelog
[05.07.2020] - Initial release[07.07.2020] - Added reference [1]
[19.07.2020] - Added reference [2]
[20.07.2020] - Added reference [3]
Contact
Zero Science LabWeb: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk
