ID

VAR-202009-0286


CVE

CVE-2020-14027


TITLE

Argument insertion or modification vulnerability in Ozeki NG SMS Gateway

Trust: 0.8

sources: JVNDB: JVNDB-2020-011460

DESCRIPTION

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE, that can be leveraged by attackers to enable MySQL Load Data Local (rogue MySQL server) attacks. Ozeki NG SMS Gateway can convert incoming emails to SMS and send them to a mobile phone. Its main functions are: (1) sending and receiving messages in both directions (from phone to system and from system to phone); (2) support for various desktop email and webmail applications; (3) a powerful server that supports the program and stores the SMS messages sent and received; (4) support for multiple devices, etc. The vulnerability stems from the fact that the database connection string accepts custom insecure parameters, such as ENABLE_LOCAL_INFILE.

Trust: 1.8

sources: NVD: CVE-2020-14027 // JVNDB: JVNDB-2020-011460 // VULHUB: VHN-166864 // VULMON: CVE-2020-14027

AFFECTED PRODUCTS

vendor: ozeki, model: ng sms gateway, scope: lte, version: 4.17.6

Trust: 1.0

vendor: ozeki, model: ng-sms gateway, scope: eq, version: -

Trust: 0.8

vendor: ozeki, model: ng-sms gateway, scope: lte, version: 4.17.6 until

Trust: 0.8

sources: JVNDB: JVNDB-2020-011460 // NVD: CVE-2020-14027

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-14027
value: MEDIUM

Trust: 1.0

NVD: CVE-2020-14027
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202009-1332
value: MEDIUM

Trust: 0.6

VULHUB: VHN-166864
value: LOW

Trust: 0.1

VULMON: CVE-2020-14027
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2020-14027
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-166864
severity: LOW
baseScore: 3.5
vectorString: AV:N/AC:M/AU:S/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 6.8
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2020-14027
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.6
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2020-14027
baseSeverity: MEDIUM
baseScore: 5.3
vectorString: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-166864 // VULMON: CVE-2020-14027 // JVNDB: JVNDB-2020-011460 // CNNVD: CNNVD-202009-1332 // NVD: CVE-2020-14027

PROBLEMTYPE DATA

problemtype: CWE-88

Trust: 1.1

problemtype: Insert or change arguments (CWE-88) [NVD Evaluation]

Trust: 0.8

sources: VULHUB: VHN-166864 // JVNDB: JVNDB-2020-011460 // NVD: CVE-2020-14027

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202009-1332

TYPE

parameter injection

Trust: 0.6

sources: CNNVD: CNNVD-202009-1332

PATCH

title: Download Ozeki Software Products
url: http://www.ozeki.hu/index.php?owpn=231

Trust: 0.8

title: Ozeki NG SMS Gateway Security vulnerabilities
url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=129301

Trust: 0.6

sources: JVNDB: JVNDB-2020-011460 // CNNVD: CNNVD-202009-1332

EXTERNAL IDS

db: NVD, id: CVE-2020-14027

Trust: 2.6

db: JVNDB, id: JVNDB-2020-011460

Trust: 0.8

db: CNNVD, id: CNNVD-202009-1332

Trust: 0.7

db: VULHUB, id: VHN-166864

Trust: 0.1

db: VULMON, id: CVE-2020-14027

Trust: 0.1

sources: VULHUB: VHN-166864 // VULMON: CVE-2020-14027 // JVNDB: JVNDB-2020-011460 // CNNVD: CNNVD-202009-1332 // NVD: CVE-2020-14027

REFERENCES

url: https://github.com/drunkenshells/disclosures/tree/master/cve-2020-14027-mysql%20load%20data%20local%20infile%20attack-ozeki%20sms%20gateway

Trust: 2.6

url: http://www.ozeki.hu/index.php?owpn=231

Trust: 1.8

url: https://nvd.nist.gov/vuln/detail/cve-2020-14027

Trust: 1.4

url: https://cwe.mitre.org/data/definitions/88.html

Trust: 0.1

url: https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-166864 // VULMON: CVE-2020-14027 // JVNDB: JVNDB-2020-011460 // CNNVD: CNNVD-202009-1332 // NVD: CVE-2020-14027

SOURCES

db: VULHUB, id: VHN-166864
db: VULMON, id: CVE-2020-14027
db: JVNDB, id: JVNDB-2020-011460
db: CNNVD, id: CNNVD-202009-1332
db: NVD, id: CVE-2020-14027

LAST UPDATE DATE

2024-11-23T22:11:23.881000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-166864, date: 2020-09-26T00:00:00
db: VULMON, id: CVE-2020-14027, date: 2020-09-26T00:00:00
db: JVNDB, id: JVNDB-2020-011460, date: 2021-04-02T07:53:00
db: CNNVD, id: CNNVD-202009-1332, date: 2020-10-22T00:00:00
db: NVD, id: CVE-2020-14027, date: 2024-11-21T05:02:22.937

SOURCES RELEASE DATE

db: VULHUB, id: VHN-166864, date: 2020-09-22T00:00:00
db: VULMON, id: CVE-2020-14027, date: 2020-09-22T00:00:00
db: JVNDB, id: JVNDB-2020-011460, date: 2021-04-02T00:00:00
db: CNNVD, id: CNNVD-202009-1332, date: 2020-09-22T00:00:00
db: NVD, id: CVE-2020-14027, date: 2020-09-22T18:15:23.777