Missing Server-Side Authentication Checks in EfficientLab WorkExaminer Professional

An unauthenticated attacker with access to TCP port 12306 of the WorkExaminer server can exploit missing server-side authentication checks to bypass the login prompt in the WorkExaminer Professional console to gain administrative access to the WorkExaminer server and therefore all sensitive monitoring data. This includes monitored screenshots and keystrokes of all users. The WorkExaminer Professional console is used for administrative access to the server. Before access to the console is granted administrators must login. Internally, a custom protocol is used to call a respective stored procedure on the MSSQL database. The return value of the call is not validated on the server-side. Instead it is only validated client-side which allows to bypass authentication.

N/A

服务端安全的客户端实施

Work Examiner Professional 安全漏洞

Work Examiner Professional是美国Work Examiner公司的一款员工电脑监控软件。 Work Examiner Professional存在安全漏洞，该漏洞源于服务器端缺少身份验证检查，可能导致未经验证的攻击者绕过登录提示并获得管理员权限，从而访问所有敏感监控数据。

N/A

N/A