#VU47082 Input validation error in Ozeki NG SMS Gateway - CVE-2020-14027

Cybersecurity Help s.r.o.

Published: 2020-09-22 | Updated: 2020-09-24

Vulnerability identifier: #VU47082

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2020-14027

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Ozeki NG SMS Gateway
Web applications / Remote management & hosting panels

Vendor: Ozeki Ltd.

Description

The vulnerability allows a remote attacker to compromise the application.

The vulnerability exists due to the database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE. A remote attacker can force the application to connect to a database server under attacker control and gain full access to the application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Ozeki NG SMS Gateway: 4.0.0 - 4.17.6

External links
https://www.ozeki.hu/index.php?owpn=231
https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14027-MySQL%20LOAD%20DATA%20LOCAL%20INFILE%20Attack-Ozeki%20SMS%20Gateway

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Ozeki NG SMS Gateway