AVCON Integrated Management Platform SQL Injection Scanner

AVCON Integrated Management Platform is widely utilized by enterprises and organizations seeking a comprehensive solution for integrating image management and video conferencing. It supports various subsystems for image and audio/video integration, making it versatile for command and dispatch operations. The platform is favored in environments that require high-level coordination and management of video surveillance. AVCON is commonly deployed in control rooms and emergency response centers due to its robust features. The software aims to enhance operational efficiency through seamless integration of video and audio systems. With its real-time management capabilities, it is an essential tool in settings requiring dynamic interactions.

The vulnerability detected in the AVCON Integrated Management Platform pertains to a SQL Injection (SQLi) that can be exploited through the platform's 'avcon.action' endpoint. This type of vulnerability allows attackers to interfere with the queries an application makes to its database. By exploiting SQL Injection, attackers can bypass authentication, retrieve sensitive data, and potentially alter database content. This form of attack is critical as it directly undermines the confidentiality, integrity, and availability of data within the application. SQL Injection can become a gateway for attackers to gain administrative access to the underlying systems. The vulnerability in AVCON requires immediate attention to prevent escalated attacks.

Technically, the AVCON Integrated Management Platform's 'avcon.action' endpoint contains a time-based SQL Injection vulnerability. This occurs when the application does not properly sanitize input data before executing SQL queries. The specific injection point is through the 'name' parameter, which can be manipulated to include SQL payloads that delay the system response, thus confirming the vulnerability existance. The payload modifies the database query to benchmark its execution time, providing a clear indication of exploitability. The matcher's logic confirms the presence of the vulnerability based on the duration of the response. Careful attention is needed to modify database parameters safely.

When exploited, this SQL Injection vulnerability can lead to severe consequences, including unauthorized database access and information leakage. Attackers may exploit this to retrieve sensitive user credentials and manipulate database records. Additionally, SQL Injection could pave the way for executing further server-side attacks, potentially escalating to full system compromise. It poses risks of disrupting application functionality, leading to downtime or incorrect operations. This vulnerability also increases the chances of automated attacks once known, leading to widespread exploitation if not adequately addressed. Immediate remediation is critical to prevent data breaches and maintain system security.