CHT Security Red Team Discovered Several Vulnerabilities in Well-Known Domestic CTS Web Transaction System
Summary
Vulnerability List
- [CVE-2021-32541] Broken Access Control
- [CVE-2021-32542] Reflected XSS
- [CVE-2021-32543] Broken Authentication
Details
1. Broken Access Control
Description
The authentication and session management of the CTS Web transaction system is implemented incorrectly.
Impact
This vulnerability allows remote unauthenticated attackers to send a large number of valid usernames and force those logged-in accounts to log out, leaving the users unable to access the services.
2. Reflected XSS
Description
Specific functions in the CTS Web trading system do not filter special characters in their parameters.
Impact
This vulnerability allows unauthenticated attackers to remotely perform reflected XSS and obtain the connection token of the user who triggered the attack.
3. Broken Authentication
Description
The authentication management of the CTS Web transaction system is implemented incorrectly.
Impact
After login, remote attackers can manipulate cookies to access other accounts and trade in the stock market with a spoofed identity.
Version
Versions before 2020.3.25
Credits
* Jalong Chen (CHT Security)