Esafenet CDG Default Login Scanner

The Esafenet CDG is an electronic document security management system designed to help organizations manage and secure their electronic documents. It is utilized by companies that require secure storage, access, and management of sensitive documents. The software is typically used in industries that handle a large volume of confidential information, such as finance, healthcare, and legal services. It allows administrators to control document permissions, track access history, and ensure regulatory compliance. Esafenet CDG integrates with various IT infrastructures to provide a comprehensive solution for document security. The software is favored for its robust security features and ease of integration into existing systems.

The vulnerability detected by this scanner is related to the presence of default login credentials in the Esafenet CDG system. Default login vulnerabilities occur when software systems are shipped with standard, unchanged username-password pairs that are predictable or easily guessable. Unauthorized access can be obtained if these credentials are not changed after installation, potentially leading to data breaches. This vulnerability poses a significant risk as attackers can exploit it to gain admin-level access, compromising document security. Organizations using Esafenet CDG might become targets for attackers if the default credentials are not updated. Detecting such vulnerabilities is crucial to maintaining the integrity of the document management system.

Technically, the vulnerability is located in the login process of the Esafenet CDG system, where preset usernames and passwords (e.g., "systemadmin" with "12345678") are allowed access. The scanner attempts to log in through a POST request to the "/CDGServer3/SystemConfig" endpoint using a variety of default credentials. If the server returns a successful status and specific response patterns are detected, it indicates that default login credentials are still active. The payloads and matchers in the scanner are designed to ensure accurate detection of the vulnerability by examining the HTTP response for specific words, regex patterns, and a status code of 200.

If exploited, this vulnerability can have severe consequences, including unauthorized access to sensitive documents managed by the Esafenet CDG system. Attackers might alter, steal, or delete critical data, potentially leading to financial losses, reputational damage, and legal liabilities for organizations. Additionally, sensitive information could be exposed publicly or sold on the black market, increasing the risk of industrial espionage or identity theft. Ensuring default credentials are removed or changed is vital to protect against such threats.