It is currently Mon Jan 18, 2021 12:23 am
All times are UTC + 8 hours

SQL Injection?

Backup and data protection discussion at its finest.

SQL Injection?

Postby Stipo » Tue Jan 12, 2021 2:36 am

Hello everyone,

I have an AS6404T with the current version of ADM 3.5.3.RBH1 and today i got some scary messages from the AiMaster-App...


After a short look into the logs via the app, I shutdown the system and unplugged it.
I made screenshots of the notefications, because the log-files don't show anything, only the bad-block scan and the login from yesterday and from today, but nothing else.

I disconnected it from my LAN booted it, now I'm connected directly with my laptop and I'm searching for changes.

I looked into tables of the mariaDB but i couldn't find anything weard, most of them are empty.
Also into the path "/usr/builtin/webman/portal..." and the subdirs, but I have no idea of the use of the files in this directories and what files could be deleted.
I found this article about a vulnerability
https://www.exploit-db.com/exploits/45200

There are no new users and all passwords are working fine.

Can someone help me?

Thank you.
Attachments
IMG_7518[1].PNG
IMG_7518[1].PNG (2.29 MiB) Viewed 61 times
IMG_7519[1].PNG
IMG_7519[1].PNG (2.3 MiB) Viewed 61 times
Stipo
 
Posts: 1
Joined: Tue Jan 12, 2021 2:04 am

Return to Backup and Data Protection

  • You cannot post new topics in this forum
    You cannot reply to topics in this forum
    You cannot edit your posts in this forum
    You cannot delete your posts in this forum
    You cannot post attachments in this forum
  • Who is online

    Users browsing this forum: No registered users and 2 guests