CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Domestic CTS Web Transaction System
- [CVE-2021-32541] Broken Access Control
- [CVE-2021-32542] Reflected XSS
- [CVE-2021-32543] Broken Authentication
1. Broken Access Control
The authentication and session management of the CTS Web transaction system is implemented incorrectly.
This vulnerability allows remote unauthenticated attackers to send a large number of valid usernames and force those logged-in accounts to log out, leaving the users unable to access the services.
2. Reflected XSS
The parameters of specific functions in the CTS Web trading system do not filter special characters.
This vulnerability allows unauthenticated attackers to remotely perform reflected XSS and obtain the connection token of the user who triggered the attack.
3. Broken Authentication
The authentication management of the CTS Web transaction system is implemented incorrectly.
After login, remote attackers can manipulate cookies to access other accounts and trade in the stock market with a spoofed identity.
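As an added illustration (not code from the CTS product or from this advisory), the sketch below shows the server-side pattern that addresses the class of flaw described in items 1 and 3: the account is derived only from a random session token, and logout acts only on the caller's own token. The cookie names `session` and `account`, the `SessionStore` class and the sample accounts are assumptions; the advisory does not describe the product's actual cookie layout.

```python
import secrets


class SessionStore:
    """Server-side sessions: random token -> account (in-memory, for illustration)."""

    def __init__(self):
        self._by_token = {}

    def login(self, account):
        # Bind the identity server-side to an unguessable token.
        token = secrets.token_urlsafe(32)
        self._by_token[token] = account
        return token

    def account_for(self, cookies):
        # Identity comes only from the token lookup. The "account" cookie
        # (hypothetical name) is treated as untrusted display data.
        token = cookies.get("session", "")
        account = self._by_token.get(token)
        if account is None:
            return None
        claimed = cookies.get("account", account)
        if claimed != account:
            # Tampered cookie: revoke this session and refuse the request.
            del self._by_token[token]
            return None
        return account

    def logout(self, cookies):
        # Ends only the session whose token the caller presents; a username
        # in the request has no effect on anyone's session.
        return self._by_token.pop(cookies.get("session", ""), None) is not None

    def is_logged_in(self, account):
        return account in self._by_token.values()


def demo():
    store = SessionStore()
    alice = store.login("alice")  # constructed sample accounts
    store.login("bob")
    return {
        "honest": store.account_for({"session": alice, "account": "alice"}),
        "forged_logout": store.logout({"account": "bob"}),
        "bob_still_in": store.is_logged_in("bob"),
        "tampered": store.account_for({"session": alice, "account": "bob"}),
        "alice_revoked": not store.is_logged_in("alice"),
    }
```

A mismatch between the `account` cookie and the server-side record is also worth logging as a tampering signal.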
Versions before 2020.3.25
* Jalong Chen (CHT Security)