QiHang Media Web Digital Signage Credential Disclosure Scanner

QiHang Media Web Digital Signage is widely used by organizations to manage and deploy digital signage solutions across various locations. This software allows users to create, schedule, and display multimedia content on digital screens. Primarily utilized by marketing teams and service providers, it helps to enhance customer engagement and communication. Businesses and institutions use QiHang Media for informative and promotional display purposes. Signage solutions powered by QiHang Media are found in retail spaces, corporate offices, and public venues. It facilitates remote management capabilities of digital signage systems through its web interface.

The credential disclosure vulnerability in QiHang Media Web Digital Signage exposes sensitive administrative credentials to unauthorized individuals. This weakness arises when credentials are stored or transmitted in clear text, making them accessible to attackers who can intercept or locate them. Exploiting this vulnerability can lead to unauthorized access and potential control over the affected system. The vulnerability allows malicious actors to obtain login information, thus facilitating unauthorized system alterations or data breaches. Cleartext transmission of credentials without proper encryption or protection represents a significant security risk. Unauthorized access gained can lead to further exploitation of the system's resources and data.

The vulnerability exploits the endpoint '/xml/User/User.xml', which stores clear text user credentials. Attackers can issue requests to this unprotected directory to retrieve sensitive XML files containing login information. To exploit this, attackers do not require prior authorization, making it a high-risk issue. This vulnerability is particularly severe because it can be exploited remotely over the network. The critical aspect is that the system doesn't enforce adequate access controls or encryption on sensitive data. Gaining these credentials facilitates an authentication bypass, granting attackers administrative capabilities.

If exploited, this vulnerability could allow attackers to gain unauthorized access to the system's administrative functions. Such access could result in data modification, deletion, or further breach of other systems within the network. It may lead to the leakage of additional sensitive information stored in the system. Administrative access could be misused to alter display content, creating potential reputational damage for the organization. The unauthorized modification of system settings might impact the regular operations of digital signage infrastructure. Moreover, this vulnerability could serve as a stepping stone for more extensive attacks on the organization's network.

REFERENCES

• https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5579.php