Samsung Data Management Server < 1.4.3 verifyUser Method SQL Injection
Severity: High
Nessus Plugin ID: 53877
Synopsis
The remote web server is prone to a SQL injection attack.
Description
The remote web server is the embedded web server of a Samsung Integrated Management System DMS (Data Management Server), an embedded hardware device used to manage a large number of air conditioning units.
According to its self-reported version, the version of this web server is earlier than 1.4.3. Such versions are reportedly affected by a SQL injection vulnerability due to a failure of the software to sanitize input to the username and password fields of the login page before using it in a database query in the 'verifyUser()' method in the LoginManager class.
An unauthenticated remote attacker can leverage this issue to manipulate database queries and, for example, bypass authentication and gain administrative access to the device.
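The defect the plugin describes is the textbook one: login-form input is placed directly into the text of a database query, so a quote or comment marker in the username changes the query's grammar rather than being compared as data. The following is an added illustration, not code from the DMS firmware or from this plugin (the page does not state what language the device's LoginManager is written in, so Python with an in-memory sqlite3 database stands in for it). The table layout, column names, the sample account and the crafted input are all constructed for the example. It shows an interpolated verifyUser beside the parameterized form, which is the fix class that the vendor's 1.4.3 update is understood to apply on the server side.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample data: one administrative account. The schema and the
# account are assumptions for the illustration, not DMS internals.
SAMPLE_USERS = [("admin", "correct-horse-battery-staple")]


def _hash(password: str) -> str:
    """Stand-in credential hash; a real system would use a slow, salted KDF."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def build_db() -> sqlite3.Connection:
    """Create an in-memory users table populated with the constructed account."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (username TEXT PRIMARY KEY, pw_hash TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [(user, _hash(pw)) for user, pw in SAMPLE_USERS],
    )
    return conn


def verify_user_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """The anti-pattern: user-controlled text becomes part of the SQL grammar.

    A username containing a quote and a comment marker ends the string
    literal early and comments out the password check, which is how an
    unauthenticated caller can be accepted as an existing account.
    """
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '%s' AND pw_hash = '%s'"
        % (username, _hash(password))
    )
    return conn.execute(query).fetchone()[0] > 0


def verify_user_fixed(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Hardened form: the username travels as a bound parameter, never as SQL.

    The database compares the whole input as a literal string, so quotes and
    comment markers have no syntactic effect. The password comparison is
    done in application code with a constant-time compare.
    """
    row = conn.execute(
        "SELECT pw_hash FROM users WHERE username = ?", (username,)
    ).fetchone()
    if row is None:
        return False
    return hmac.compare_digest(row[0], _hash(password))


def demo() -> dict:
    """Run both implementations against a legitimate login and a crafted username."""
    conn = build_db()
    legit_user, legit_pw = SAMPLE_USERS[0]
    # Constructed input: a quote closes the literal, '--' comments out the rest.
    crafted_username = "admin' --"
    return {
        "legit_vulnerable": verify_user_vulnerable(conn, legit_user, legit_pw),
        "legit_fixed": verify_user_fixed(conn, legit_user, legit_pw),
        "crafted_vulnerable": verify_user_vulnerable(conn, crafted_username, "wrong"),
        "crafted_fixed": verify_user_fixed(conn, crafted_username, "wrong"),
    }


if __name__ == "__main__":
    for name, accepted in demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Both versions accept the genuine credentials; only the interpolated one also accepts the crafted username with a wrong password, which is the authentication bypass the description refers to. For detection on devices that cannot yet be upgraded, login attempts whose username field contains quote characters or SQL comment markers are a cheap signal worth alerting on in front-end or proxy logs.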
Solution
Upgrade DMS to 1.4.3 or later.