An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ASP.net SMS module can be used to read and validate the source code of ASP files. By altering the path, it can be made to read any file on the Operating System, usually with NT AUTHORITYSYSTEM privileges.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ozeki_ng_sms_gateway | Ozeki | * | 4.17.6 (including) |
References
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14021-Arbitrary%20File%20Read-Ozeki%20SMS%20Gateway
- https://www.ozeki.hu/index.php?ow_page_number=1017\u0026downloadaction=email\u0026download_product_id=1\u0026os=windows\u0026dpath=%2Fattachments%2F702%2Finstallwindows_1590575794_OzekiNG-SMS-Gateway_4.17.6.zip\u0026dname=Ozeki+NG+SMS+Gateway+v4.17.6\u0026dsize=+%2817.8+MB%29\u0026platform=Windows
- https://www.ozeki.hu/index.php?owpn=231
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2020-14021-Arbitrary%20File%20Read-Ozeki%20SMS%20Gateway
- https://www.ozeki.hu/index.php?ow_page_number=1017\u0026downloadaction=email\u0026download_product_id=1\u0026os=windows\u0026dpath=%2Fattachments%2F702%2Finstallwindows_1590575794_OzekiNG-SMS-Gateway_4.17.6.zip\u0026dname=Ozeki+NG+SMS+Gateway+v4.17.6\u0026dsize=+%2817.8+MB%29\u0026platform=Windows
- https://www.ozeki.hu/index.php?owpn=231