CVE-2022-40472: ZKBio Time - CSV Injection

ZKBio Time - CSV Injection

Hi all,

I am here with new post. Recently I have identified a csv injection vulnerability in one of the web-based time and attendance management software. Below are the details:

Software Description:

ZKBio Time is a powerful web-based time and attendance management software. With a powerful data handling capacity, the system can manage the attendance data of 10,000 employees. It can easily handle hundreds of devices and thousands of employees and their transactions. ZKBio Time comes with an intuitive user interface is able to manage timetable, shift and schedule and can easily generate attendance reports.

Impacted Version: 8.0.7 (Build: 20220721.14829) and before.

Vulnerability details:

1. Login to ZKBio Time Application
2. In the left Menu click on Messages -> Public
3. Click on ADD new message button
4. Write your Device Serial Number
5. Mention any date/time and duration
6. In Content Field Add your CSV injection payload.
7. As shown below

8. Any user who extract the report in CSV format and opens it

10. The embedded payload will be executed

There is 90% chance that user will ignore the below warning box as the report is downloaded from trusted source. This will lead to payload execution.

Thanks

Popular posts from this blog

Add Background Image on your USB/Flash Drive/Any System drive.

How to set a Background Image on your Pendrive: 1.Select an image on your computer which you want to appear as background image. 2.Rename that image to “Image” without quotes. 3.Now copy and paste the image to your Pendrive. 4.Now create a new notepad file in ur Pendrive and paste the following code in it. [ExtShellFolder Views] {BE098140-A513-11D0-A3A4-00C04FD706EC}= {BE098140-A513-11D0-A3A4-00C04FD706EC} [{BE098140-A513-11D0-A3A4-00C04FD706EC}] IconArea_Image= Image.jpg (check the file type of image. if its .jpg or .png or .bmp etc) 5.Save the file as desktop.ini in your pendrive and change the save as type to all files. 6.Remove your Pendrive and Enter Again and Open it. Note: This trick works best on Windows Xp and Vista . Wallpaper could also be set in any other directory like C:, D:, E: etc. Just copy and paste the files in the directory where you want the wallpaper to appear.

Ericsson BSCS iX R18 Billing & Rating (ADMX, MX) - Stored XSS

Dear Reader, I was able to identify stored XSS in multiple web base modules of Ericsson BSCS iX R18 Billing & Rating platform Below are its details: # Software description: Ericsson Billing is a convergent billing solution for telecoms that combines an unrivaled combination of out-of-the box features and high configurability. As an evolution of the widely-installed Ericsson BSCS iX, Ericsson Billing provides a low-risk but effective route to capture and secure revenue streams and take advantage of business opportunities from both traditional telecom services as well as digital services, 5G and IoT. # Technical Details & Impact: There are multiple web base modules in BSCS iX e.g. ADMX, MX (monitoring center), CX etc. It was observed that ADMX and MX are vulnerable to stored XSS, In most test cases session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admin’s browsers using beef

Autoconfiguration ipv4 address 196.254.x.x IP Problem

Today when i connect my laptop to Lan it wasn’t getting the ip from my DHCP server. Instead it gives me some weird IP like 196.254.x.x . while my Wifi was working fine, I searched Alot to get to know until i found a great piece of code on a blog. so going to share with you guys. Problem with my Ip. Steps to follow: If you are Using any Firewall disable it (like i use comodo so i disable it temporary) Click on start and click on RUN (or simple press windowsKey+R ) type CMD Now type the below Codes netsh interface ipv4 show inter It will show like this. As we have problem in LAN so my LAN here is Local Area Connection and Its Idx=11 (we will use this idx number in next code) Now type in this code and replace your Idx number, as mine is 11 netsh interface ipv4 set interface 11 dadtransmits=0 store=persistent It will show like this. If it says OK. Congratulations you have done the difficult part Now Click on Start and Run again and Type Servic