Sign-up

ID

VAR-202004-2331


TITLE

Advantech WebAccess/NMS AccesslogAction SQL Injection Information Disclosure Vulnerability

Trust: 0.7

sources: ZDI: ZDI-20-398

DESCRIPTION

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Advantech WebAccess/NMS. Authentication is not required to exploit this vulnerability.The specific flaw exists within the processing of calls to the AccesslogAction.action endpoint. When parsing the user parameter, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise.

Trust: 0.7

sources: ZDI: ZDI-20-398

AFFECTED PRODUCTS

vendor:advantechmodel:webaccess/nmsscope: - version: -

Trust: 0.7

sources: ZDI: ZDI-20-398

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI: ZDI-20-398
value: HIGH

Trust: 0.7

ZDI: ZDI-20-398
baseSeverity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 0.7

sources: ZDI: ZDI-20-398

PATCH

title:Advantech has issued an update to correct this vulnerability.url:https://www.us-cert.gov/ics/advisories/icsa-20-098-01

Trust: 0.7

sources: ZDI: ZDI-20-398

EXTERNAL IDS

db:ZDI_CANid:ZDI-CAN-9605

Trust: 0.7

db:ZDIid:ZDI-20-398

Trust: 0.7

sources: ZDI: ZDI-20-398

REFERENCES

url:https://www.us-cert.gov/ics/advisories/icsa-20-098-01

Trust: 0.7

sources: ZDI: ZDI-20-398

CREDITS

rgod of 9sg

Trust: 0.7

sources: ZDI: ZDI-20-398

SOURCES

db:ZDIid:ZDI-20-398

LAST UPDATE DATE

2022-05-17T01:45:05.851000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-20-398date:2020-04-08T00:00:00

SOURCES RELEASE DATE

db:ZDIid:ZDI-20-398date:2020-04-08T00:00:00