AT Software Solutions ATSVD SQL Injection Vulnerability in Login Endpoint

A critical SQL injection vulnerability has been identified in AT Software Solutions ATSVD versions prior to 3.4.2. The issue resides in the login endpoint, specifically within the '/login.aspx' file. The vulnerability allows remote attackers to manipulate the 'txtUsuario' parameter, injecting malicious SQL queries that are executed against the application's database. This exploitation method is classified as Blind Boolean-Based SQL Injection, where the attacker can infer database information based on the application's response.

Impact

Exploitation of this vulnerability allows for SQL injection, where an attacker can execute arbitrary SQL queries in the context of the application's database. This could lead to unauthorized data access, data manipulation, or in some cases, executing commands on the server if the database is connected to the file system.

Reproduction

To reproduce this vulnerability, send a request to the '/login.aspx' page with a crafted 'txtUsuario' parameter that includes a SQL injection payload. The payload should be designed to exploit the application's SQL query handling, such as by injecting SQL commands that manipulate the query execution or database response. After intercepting the request, use Burp Suite's Intruder feature to automate the injection process and extract database information based on the application's response.

Remediation

Users are advised to upgrade to AT Software Solutions ATSVD version 3.4.2 or later to address this vulnerability.