ESAFENET CDG SQL Injection Vulnerability

A critical SQL injection vulnerability has been identified in ESAFENET CDG version 3. The issue arises in an unknown function of the file '/CDGServer3/UserAjax', where the 'Username' parameter can be manipulated to execute SQL injection attacks. This vulnerability can be exploited remotely, and the details of the exploit have been disclosed publicly.

Impact

Exploitation of this vulnerability allows for SQL injection, which could lead to unauthorized data access or manipulation in the database.

Reproduction

The vulnerability can be reproduced by sending a POST request to '/CDGServer3/UserAjax;Service' with the 'command' parameter set to 'isExist' and the 'userName' parameter crafted to include SQL injection payloads. The injection can be verified using a tool like sqlmap, which can automate the process of detecting and exploiting SQL injection vulnerabilities.