CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Domestic CTS Web Transaction System

Summary

Vulnerability List

  1. [CVE-2021-32541] Broken Access Control
  2. [CVE-2021-32542] Reflected XSS
  3. [CVE-2021-32543] Broken Authentication

Details

1. Broken Access Control

Description

The authentication and session management of the CTS Web transaction system are implemented incorrectly.

Impact

This vulnerability allows remote unauthenticated attackers to send a large number of valid usernames and force those logged-in accounts to log out, leaving the users unable to access the services.


2. Reflected XSS

Description

The parameters of specific functions in the CTS Web trading system are not filtered for special characters.

Impact

This vulnerability allows unauthenticated attackers to remotely perform reflected XSS and obtain the connection token of the user who triggered the attack.

3. Broken Authentication

Description

The authentication management of the CTS Web transaction system is implemented incorrectly.

Impact

After login, remote attackers can manipulate cookies to access other accounts and trade in the stock market with a spoofed identity.
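
A mitigation pattern for the impacts in items 1 and 3, added here as an example and not code from the CTS system or this advisory: the account is resolved only from a server-side record keyed by an opaque random token, and logout acts only on the session whose token is presented. The advisory does not describe the flawed mechanism; the `SessionStore` class, the cookie names and the TTL are hypothetical.

```python
import secrets
import time

SESSION_TTL = 900  # seconds; constructed value for this sketch


class SessionStore:
    """Server-side sessions keyed by an opaque random token (hypothetical)."""

    def __init__(self):
        self._sessions = {}  # token -> (account, expiry timestamp)

    def login(self, account):
        # Called only after the credentials were verified elsewhere.
        token = secrets.token_urlsafe(32)
        self._sessions[token] = (account, time.time() + SESSION_TTL)
        return token  # the only value that goes into the cookie

    def account_for(self, cookies):
        # Identity comes from the server-side record. Any account or
        # username value the client sends in a cookie is ignored.
        token = cookies.get("session")
        record = self._sessions.get(token)
        if record is None:
            return None
        account, expiry = record
        if expiry < time.time():
            del self._sessions[token]  # expired: drop and reject
            return None
        return account

    def logout(self, cookies):
        # Ends only the session whose token was presented. There is no
        # "log out by username" path for an unauthenticated caller.
        token = cookies.get("session")
        return self._sessions.pop(token, None) is not None
```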


Version

Versions before 2020.3.25

Credits

* Jalong Chen (CHT Security)