Gosuncn Technology Group Audio-Visual Integrated Management Platform Information Disclosure Vulnerability
Vulnerability
A critical information disclosure vulnerability has been identified in Gosuncn Technology Group Audio-Visual Integrated Management Platform version 1.0. The issue arises from an unknown functionality in the file '/sysmgr/user/listByPage', where improper input handling allows sensitive information to be exposed. This vulnerability can be exploited remotely without authentication.
Impact
Exploitation of this vulnerability leads to unauthorized access to sensitive information, potentially affecting user privacy and data confidentiality.
Reproduction
The vulnerability can be reproduced by sending a request to the '/sysmgr/user/listByPage' endpoint. This can be done by logging into the application and then accessing the vulnerable URL directly. Several IP addresses have been identified where this vulnerability can be exploited.
Remediation
It is recommended to implement proper firewall rules to block unauthorized access to the vulnerable endpoint.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.