Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection

This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.

Synopsis :

The remote web server is prone to a SQL injection attack.

Description :

The remote web server is an embedded web server in a Samsung
Integrated Management System DMS (Data Management Server), an embedded
hardware device used to manage a large number of air conditioning

According to its self-reported version, the version of this web server
is earlier than 1.4.3. Such versions are reportedly affected by a SQL
injection vulnerability due to a failure of the software to sanitize
input to the username and password fields of the login page before
using it in a database query in the 'verifyUser()' method in the
LoginManager class.

An unauthenticated remote attacker can leverage this issue to
manipulate database queries and, for example, bypass authentication
and gain administrative access to the device.
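To illustrate the defect class described above, the following is an added example, not code from the Nessus plugin or from the Samsung product: a reconstruction of a login check that concatenates the username and password into the query text, beside the parameterized form that removes the injection. All names (`verify_user_vulnerable`, `verify_user_fixed`, the `users` table) and the in-memory SQLite database are assumptions standing in for the device's real `LoginManager.verifyUser()` and its database.

```python
import sqlite3

def make_db():
    # Constructed in-memory table standing in for the device's user store.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.execute("INSERT INTO users VALUES ('admin', 's3cret', 'admin')")
    conn.execute("INSERT INTO users VALUES ('o''brien', 'pass', 'user')")
    conn.commit()
    return conn

def verify_user_vulnerable(conn, username, password):
    # Hypothetical reconstruction of the flawed pattern: both login fields
    # are spliced into the SQL text, so a quote in the input becomes syntax
    # and can alter the statement the database executes.
    query = ("SELECT role FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    row = conn.execute(query).fetchone()
    return row[0] if row else None

def verify_user_fixed(conn, username, password):
    # Bound parameters: values travel separately from the statement text,
    # so no input can change the structure of the query.
    row = conn.execute(
        "SELECT role FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

def demo():
    conn = make_db()
    results = {
        "fixed_good": verify_user_fixed(conn, "admin", "s3cret"),
        "fixed_bad": verify_user_fixed(conn, "admin", "wrong"),
        # A legitimate apostrophe in a username is handled as plain data.
        "fixed_apostrophe": verify_user_fixed(conn, "o'brien", "pass"),
    }
    try:
        verify_user_vulnerable(conn, "o'brien", "pass")
        results["vuln_apostrophe"] = "no error"
    except sqlite3.OperationalError:
        # The same apostrophe reaches the SQL parser as code: this is the
        # observable symptom of the injection flaw, before any exploitation.
        results["vuln_apostrophe"] = "sql syntax error"
    return results
```

Run `demo()` to compare the two paths; a syntax error on benign input containing a quote is a reliable sign during code review or testing that the query is built by concatenation.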

See also :

Solution :

Upgrade DMS to 1.4.3 or later.

Risk factor :

High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true

Family: SCADA

Nessus Plugin ID: 53877

Bugtraq ID: 47726

CVE ID: CVE-2010-4284
