Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection

This script is Copyright (C) 2011-2016 Tenable Network Security, Inc.

Synopsis :

The remote web server is prone to a SQL injection attack.

Description :

The remote web server is an embedded web server in a Samsung
Integrated Management System DMS (Data Management Server), an embedded
hardware device used to manage a large number of air conditioning

According to its self-reported version, the version of this web server
is earlier than 1.4.3. Such versions are reportedly affected by a SQL
injection vulnerability: the username and password fields of the login
page are not sanitized before being used in a database query in the
'verifyUser()' method of the LoginManager class.

An unauthenticated remote attacker can leverage this issue to
manipulate database queries and, for example, bypass authentication
and gain administrative access to the device.
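The authentication bypass described above, as an added example written for this page (it is not Samsung's code, and the page does not state what language the DMS web server is written in, so Python with the standard sqlite3 module is used): a login check that concatenates the form fields into the query, beside the same check with bound parameters. The users table, its rows, the column names and the plaintext password comparison are all assumptions made for the example.

```python
import sqlite3


# Constructed in-memory user table. The schema, rows and plaintext password
# comparison are assumptions made for this example, not Samsung DMS's design.
def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret', 'administrator')")
    conn.execute("INSERT INTO users VALUES ('operator', 'op-pass', 'operator')")
    conn.commit()
    return conn


def vulnerable_query(username, password):
    """Build the login query by string concatenation. Anything typed into the
    form lands inside the SQL text, so a quote in the input ends the string
    literal and whatever follows is interpreted as SQL."""
    return ("SELECT role FROM users WHERE username = '" + username
            + "' AND password = '" + password + "'")


def verify_user_vulnerable(conn, username, password):
    """Hypothetical unsafe login check: returns the matched role, or None."""
    row = conn.execute(vulnerable_query(username, password)).fetchone()
    return row[0] if row else None


def verify_user_fixed(conn, username, password):
    """Same check with bound parameters: the driver passes the input as data,
    so quotes and comment markers in it never become part of the SQL."""
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


def demo():
    """Run both checks with legitimate credentials and with a bypass payload."""
    conn = build_db()
    # Comment-out payload: closes the username literal and turns the rest of
    # the statement (including the password comparison) into a SQL comment,
    # so the 'admin' row matches without its password.
    payload = "admin' --"
    return {
        "legit_vulnerable": verify_user_vulnerable(conn, "admin", "s3cret"),
        "bypass_vulnerable": verify_user_vulnerable(conn, payload, "wrong"),
        "legit_fixed": verify_user_fixed(conn, "admin", "s3cret"),
        "bypass_fixed": verify_user_fixed(conn, payload, "wrong"),
    }


if __name__ == "__main__":
    for name, role in demo().items():
        print(f"{name}: {role}")
```

Against the concatenated query the payload logs in as the administrator with no password at all; against the parameterized query the same input is just an unknown username. Binding parameters is the fix to look for in the patched release; stripping quotes from the form fields alone is a weaker defence, since it has to anticipate every way the database's parser can be escaped.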

See also :

Solution :

Upgrade DMS to 1.4.3 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 53877

Bugtraq ID: 47726

CVE ID: CVE-2010-4284
