CVE-2021-22859
EXCELLENT INFOTEK BiYan Pre-Auth SQL Injection
Current Description
EXCELLENT INFOTEK BiYan v2.9~v3.0 has a SQL injection vulnerability, allowing execution of arbitrary SQL commands via <LOGIN_ID> parameter without authentication.
The SQL commands can executed for any user accessing the page.
This vulnerability affects many mail system of governments, organizations and companies.
Details
The injection point is <LOGIN_ID> parameter in "query_user_data.aspx".
It allows remote attackers to execute arbitrary SQL commands via paramemer without authentication.
Remote attackers can gain unauthorized data like user's account and password.
When accessing a victim's account, remote attackers can modifiy the password.
It compromised the confidentiality, integrity and availability of data and system.
Description
Remote attackers can execute arbitrary SQL commands without authentication.
Affected files
http://`[Target Domain]`/kw/docn/asp/query_user_data.aspx
Contributor
- Tony Kuo (CHT Security)