usd-2018-0003 | Starface/6.4.3.34

Advisory ID: usd-2018-0003
Affected Version: 6.4.3.34
Vulnerability Type: SQL Injection
Security Risk: high
Vendor URL: https://www.starface.com/
Vendor Status: Not fixed
Advisory Status: Partial disclosure

Description

A SQL injection attack consists of insertion or „injection“ of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

Proof of Concept (PoC)

The parameter ‚phoneCallerIdSettingsForm.callerIdSettings%5B0%5D.callerIdValue‘ of the request to /config/phone/callerids/save.do is vulnerable to an SQL injection.

=> PoC will be published when all issues are fixed.

Fix

Make sure to use prepared Statement for each database which contains user supplied input.

Timeline

2018-06-06 First published

Credits

The security vulnerabilities were found by Sebastian Puttkammer of usd AG.

usd-2018-0003 | Starface/6.4.3.34

Description

Proof of Concept (PoC)

Fix

Timeline

Credits

About usd Security Advisories

Disclaimer

usd HeroLab

LabNews

Security Advisories zu SONIX und SAP

The Surprising Complexity of Finding Known Vulnerabilities

Security Advisories zu Zimperium und FileCloud

Folgen Sie uns