Cyberoam UTM 'tableid' Parameter SQL Injection Vulnerability

Bugtraq ID:	51143
Class:	Input Validation Error
CVE:	CVE-2011-5050
Remote:	Yes
Local:	No
Published:	Dec 20 2011 12:00AM
Updated:	Jan 10 2012 10:00PM
Credit:	Benjamin Kunz Mejri (Rem0ve) & Pim J.F. Campers (X4lt)
Vulnerable:	Elitecore Technologies Cyberoam UTM CR500i 10 Elitecore Technologies Cyberoam UTM CR300i 10 Elitecore Technologies Cyberoam UTM 10.01.0 Build 0739 Elitecore Technologies Cyberoam UTM 10.01 build 0667 Elitecore Technologies Cyberoam UTM 10.00 build 0309
Not Vulnerable:	Elitecore Technologies Cyberoam UTM 10.01.2 build 059

Cyberoam UTM 'tableid' Parameter SQL Injection Vulnerability

Cyberoam UTM is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Cyberoam UTM 'tableid' Parameter SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following URI is available:

http://www.example.com/corporate/Controller?mode=301&tableid=[SQL]&sort=&dir=

Cyberoam UTM 'tableid' Parameter SQL Injection Vulnerability

Solution:
Updates are available. Please see the references for more details.

Cyberoam UTM 'tableid' Parameter SQL Injection Vulnerability

References:

• Cyberoam UTM Appliance - SQL Injection Vulnerability (Vulnerability Research Laboratory)
  
• Cyberoam UTM Homepage (Elitecore Technologies)