Zero Science Lab » iDS6 DSSPro Digital Signage System 6.2 (autoSave) Cookie User Password Disclosure

iDS6 DSSPro Digital Signage System 6.2 (autoSave) Cookie User Password Disclosure

Title: iDS6 DSSPro Digital Signage System 6.2 (autoSave) Cookie User Password Disclosure
Advisory ID: ZSL-2020-5605
Type: Local/Remote
Impact: Exposure of Sensitive Information, Security Bypass
Risk: (3/5)
Release Date: 04.11.2020

Summary

iDS6 Software's DSSPro network digital signage management system is a web-based server software solution for Windows.

Description

The application suffers from a cleartext transmission/storage of sensitive information in a cookie when using the Remember (autoSave=true) feature. This allows a remote attacker to intercept the HTTP Cookie authentication credentials via a man-in-the-middle attack.

Vendor

Guangzhou Yeroo Tech Co., Ltd. - http://www.yerootech.com

Affected Version

V6.2 B2014.12.12.1220
V5.6 B2017.07.12.1757
V4.3

Tested On

Microsoft Windows XP
Microsoft Windows 7
Microsfot Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows 10
Apache Tomcat/8.0.44
Apache Tomcat/6.0.35
Apache-Coyote/1.1
Apache Axis/1.4
MySQL 5.5.25
Java 1.8.0

Vendor Status

N/A

PoC

dsspro_cookie.txt

Credits

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>

References

[1] https://packetstormsecurity.com/files/159915
[2] https://exchange.xforce.ibmcloud.com/vulnerabilities/191261
[3] https://cxsecurity.com/issue/WLB-2020110023

Changelog

[04.11.2020] - Initial release
[11.11.2020] - Added reference [1], [2] and [3]

Contact

Zero Science Lab

Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk