S4E

CVE-2021-25899 Scanner

Detects 'SQL Injection' vulnerability in Void Aural Rec Monitor affects v. 9.0.0.1.

Short Info


Level

High

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month

Scan only one

Domain, IPv4

Toolbox

-

Void Aural Rec Monitor is a monitoring tool used for audio surveillance in various industries, such as security, law enforcement, and business intelligence. Its main purpose is to record and analyze audio data from different sources, including microphones, phone lines, and network streams. The tool ensures that all conversations are captured and stored for later analysis, allowing organizations to extract valuable insights and evidence.

The CVE-2021-25899 vulnerability detected in Void Aural Rec Monitor 9.0.0.1 refers to an issue in svc-login.php that allows an unauthenticated attacker to perform a blind time-based SQL injection. Specifically, the vulnerable parameter is param1, which can be manipulated to inject malicious SQL queries into the back-end database. This can lead to unauthorized access to sensitive information, such as user credentials, call recordings, and chat logs.

When exploited, this vulnerability can cause significant harm to organizations that rely on Void Aural Rec Monitor for audio surveillance. For instance, attackers can access critical data, disrupt operations, steal intellectual property, and compromise the privacy and security of individuals. In addition, the vulnerability can enable attackers to evade detection and persist in the compromised system, making it difficult for security teams to identify and mitigate the threat.

If you find this information useful, you may want to consider using the s4e.io platform for continuous monitoring and assessment of your digital assets. With its advanced features and real-time alerts, you can stay informed about the latest vulnerabilities and threats that may affect your organization. Moreover, by working with a team of experienced security professionals, you can improve your security posture and mitigate risks more effectively.

 

REFERENCES

Get started to protecting your Free Full Security Scan