CVE-2019-12720 - OpenCVE

AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Auo	Sunveillance Monitoring System \& Data Recorder

Configuration 1 [-]

cpe:2.3:a:auo:sunveillance_monitoring_system_\&_data_recorder:*:*:*:*:*:*:*:*

References

Link	Resource
https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view	Exploit Third Party Advisory
https://www.exploit-db.com/exploits/47542	Exploit Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2019-11-12T18:26:14

Updated: 2019-11-12T18:26:14

Reserved: 2019-06-04T00:00:00

Link: CVE-2019-12720

JSON object: View

NVD Information

Status : Analyzed

Published: 2019-11-12T19:15:11.473

Modified: 2019-11-15T15:25:16.570

Link: CVE-2019-12720

JSON object: View

Redhat Information

No data.

CWE

CWE-89

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2019-11-12T18:26:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view"}, {"tags": ["x_refsource_MISC"], "url": "https://www.exploit-db.com/exploits/47542"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-12720", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view", "refsource": "MISC", "url": "https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view"}, {"name": "https://www.exploit-db.com/exploits/47542", "refsource": "MISC", "url": "https://www.exploit-db.com/exploits/47542"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-12720", "datePublished": "2019-11-12T18:26:14", "dateReserved": "2019-06-04T00:00:00", "dateUpdated": "2019-11-12T18:26:14", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:auo:sunveillance_monitoring_system_\\&_data_recorder:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8F6A534-EFEB-4C18-818C-0C482544E799", "versionEndExcluding": "1.1.9e", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc_send_mail.aspx (MailAdd parameter) SQL Injection. An Attacker can carry a SQL Injection payload to the server, allowing the attacker to read privileged data. This also affects the picture_manage_mvc.aspx plant_no parameter, the swapdl_mvc.aspx plant_no parameter, and the account_management.aspx Text_Postal_Code and Text_Dis_Code parameters."}, {"lang": "es", "value": "AUO SunVeillance Monitoring System versiones anteriores a v1.1.9e, es vulnerable a una inyecci\u00f3n SQL del archivo mvc_send_mail.aspx (par\u00e1metro MailAdd). Un atacante puede llevar una carga \u00fatil de inyecci\u00f3n SQL al servidor, permiti\u00e9ndole leer datos privilegiados. Esto tambi\u00e9n afecta el par\u00e1metro plant_no del archivo picture_manage_mvc.aspx, el par\u00e1metro plant_no del archivo swapdl_mvc.aspx y los par\u00e1metros Text_Postal_Code y Text_Dis_Code del archivo account_management.aspx."}], "id": "CVE-2019-12720", "lastModified": "2019-11-15T15:25:16.570", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-11-12T19:15:11.473", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://drive.google.com/file/d/1QYgj4FU0MjSIhgXwddg4L5no9KYn8E9v/view"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/47542"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "nvd@nist.gov", "type": "Primary"}]}