iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Title: iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Security Bypass
Advisory ID: ZSL-2020-5607
Type: Local/Remote
Impact: Security Bypass
Risk: (2/5)
Release Date: 04.11.2020
V5.6 B2017.07.12.1757
V4.3
Microsoft Windows 7
Microsfot Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows 10
Apache Tomcat/8.0.44
Apache Tomcat/6.0.35
Apache-Coyote/1.1
Apache Axis/1.4
MySQL 5.5.25
Java 1.8.0
[2] https://exchange.xforce.ibmcloud.com/vulnerabilities/191259
[3] https://packetstormsecurity.com/files/159917
[4] https://cxsecurity.com/issue/WLB-2020110024
[11.11.2020] - Added reference [1], [2], [3] and [4]
Web: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk
Advisory ID: ZSL-2020-5607
Type: Local/Remote
Impact: Security Bypass
Risk: (2/5)
Release Date: 04.11.2020
Summary
iDS6 Software's DSSPro network digital signage management system is a web-based server software solution for Windows.Description
The CAPTCHA function for DSSPro is prone to a security bypass vulnerability that occurs in the CAPTCHA authentication routine. By requesting the autoLoginVerifyCode object an attacker can receive a JSON message code and successfully bypass the CAPTCHA-based authentication challenge and perform brute-force attacks.Vendor
Guangzhou Yeroo Tech Co., Ltd. - http://www.yerootech.comAffected Version
V6.2 B2014.12.12.1220V5.6 B2017.07.12.1757
V4.3
Tested On
Microsoft Windows XPMicrosoft Windows 7
Microsfot Windows Server 2008
Microsoft Windows Server 2012
Microsoft Windows 10
Apache Tomcat/8.0.44
Apache Tomcat/6.0.35
Apache-Coyote/1.1
Apache Axis/1.4
MySQL 5.5.25
Java 1.8.0
Vendor Status
N/APoC
dsspro_captcha.txtCredits
Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk>References
[1] https://www.exploit-db.com/exploits/48991[2] https://exchange.xforce.ibmcloud.com/vulnerabilities/191259
[3] https://packetstormsecurity.com/files/159917
[4] https://cxsecurity.com/issue/WLB-2020110024
Changelog
[04.11.2020] - Initial release[11.11.2020] - Added reference [1], [2], [3] and [4]
Contact
Zero Science LabWeb: https://www.zeroscience.mk
e-mail: lab@zeroscience.mk