CVE-2021-22859

EXCELLENT INFOTEK BiYan Pre-Auth SQL Injection

Current Description

EXCELLENT INFOTEK BiYan v2.9~v3.0 has a SQL injection vulnerability, allowing execution of arbitrary SQL commands via <LOGIN_ID> parameter without authentication. 

The SQL commands can executed for any user accessing the page. 

This vulnerability affects many mail system of governments, organizations and companies.

Details

The injection point is <LOGIN_ID> parameter in "query_user_data.aspx".

It allows remote attackers to execute arbitrary SQL commands via paramemer without authentication.

Remote attackers can gain unauthorized data like user's account and password.

When accessing a victim's account, remote attackers can modifiy the password.

It compromised the confidentiality, integrity and availability of data and system.

Description

Remote attackers can execute arbitrary SQL commands without authentication.

Affected files

http://`[Target Domain]`/kw/docn/asp/query_user_data.aspx

Contributor

• Tony Kuo (CHT Security)