Netman 204 4.05 SQL Injection - Unauthenticated Password Reset exploit
CyberDanube Security Research has identified two significant vulnerabilities in NetMan 204 version 4.05, which have been assigned the identifiers CVE-2024-8877 and CVE-2024-8878. The first is an SQL injection flaw in three specific endpoints that allows attackers to manipulate log data without authentication. The second allows unauthenticated users to reset the device's password by obtaining a netmanid from the UPS and calculating a recovery code, potentially giving them unauthorized control over the UPS, including the ability to turn it off. Despite attempts to contact Riello, the manufacturer of NetMan 204, and discuss these vulnerabilities, there has been no commitment to release a firmware update that addresses them. CyberDanube recommends limiting access to the device and advises against using it in production networks until a fix is provided.

CVEs: CVE-2024-8877, CVE-2024-8878

[View Article](https://sploitus.com/exploit?id=PACKETSTORM:181794)