CVE-2021-25899 Scanner
Detects 'SQL Injection' vulnerability in Void Aural Rec Monitor affects v. 9.0.0.1.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month
Scan only one
Domain, IPv4
Toolbox
-
Void Aural Rec Monitor is a monitoring tool used for audio surveillance in various industries, such as security, law enforcement, and business intelligence. Its main purpose is to record and analyze audio data from different sources, including microphones, phone lines, and network streams. The tool ensures that all conversations are captured and stored for later analysis, allowing organizations to extract valuable insights and evidence.
The CVE-2021-25899 vulnerability detected in Void Aural Rec Monitor 9.0.0.1 refers to an issue in svc-login.php that allows an unauthenticated attacker to perform a blind time-based SQL injection. Specifically, the vulnerable parameter is param1, which can be manipulated to inject malicious SQL queries into the back-end database. This can lead to unauthorized access to sensitive information, such as user credentials, call recordings, and chat logs.
When exploited, this vulnerability can cause significant harm to organizations that rely on Void Aural Rec Monitor for audio surveillance. For instance, attackers can access critical data, disrupt operations, steal intellectual property, and compromise the privacy and security of individuals. In addition, the vulnerability can enable attackers to evade detection and persist in the compromised system, making it difficult for security teams to identify and mitigate the threat.
If you find this information useful, you may want to consider using the s4e.io platform for continuous monitoring and assessment of your digital assets. With its advanced features and real-time alerts, you can stay informed about the latest vulnerabilities and threats that may affect your organization. Moreover, by working with a team of experienced security professionals, you can improve your security posture and mitigate risks more effectively.
REFERENCES