Linknat VOS2009/VOS3000 SQL injection

May 23, 2016 007admin Leave a comment

Posted by Osama Khalid on May 23

A SQL injection was found in Linknat VOS3000/VOS2009, a popular VoIP
softswitch, that could allow remote attackers to gain access to the
credentials stored in plain-text.

Application: Linknat VOS3000/VOS2009
Versions Affected: 2.1.1.5, 2.1.1.8, 2.1.2.0
Vendor URL: http://www.linknat.com/
Bug: SQLi (with DBA privileges)
Type: Remote
Resolution: Fixed, upgrade to 2.1.2.4
Reference: WooYun-2015-145458 -…

007 Software

Linknat VOS2009/VOS3000 SQL injection

Leave a Reply Cancel reply

Software and Security Information