Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2020-14069

Description

An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php.

POC

Reference

- https://gist.github.com/merhawi023/a1155913df3cf0c17971b0fb7dcd8f20

Github

No PoCs found on GitHub currently.