CHT Security Red Team Discovered Vulnerabilities in Well-Known e-Learning System

Summary

The Red Team of CHT Security discovered two vulnerabilities in a well-known domestic online learning system. Both are authentication bypass weaknesses, and they affect domestic enterprises.

Vulnerability List

  • An unauthenticated attacker can log in as any user by sending specific packets. This vulnerability can be classified under CWE-287: Improper Authentication.
  • An unauthenticated attacker can access arbitrary APIs by supplying specific parameters. This vulnerability can be classified under CWE-287: Improper Authentication.


Details

1. Improper Authentication

Description

A certain login function has an insecure verification method.

Impact

An unauthenticated user can exploit this to forge any user's login and gain access.

Known Affected Software

  • Versions up to and including 6.8.1039V1144.1045

Credits

  • TsungShu Chiu (CHT Security)


2. Improper Authentication

Description

The identity verification mechanism in the packet can be compromised by an unauthenticated user.

Impact

An attacker can impersonate any user to access the system, including the APIs.

Known Affected Software

  • Versions up to and including 6.8.1039V1144.1045

Credits

  • TsungShu Chiu (CHT Security)