Internet Reservation Module Next Generation
CVE-2023-39423
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user.
AnalysisAI
The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as SQL Injection (CWE-89), which allows attackers to execute arbitrary SQL commands against the database. The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. By using a UNION SQL operator, an attacker can leak the sessions table, obtain the currently valid sessions and impersonate a currently logged-in user. Affected products include: Resortdata Internet Reservation Module Next Generation.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use parameterized queries/prepared statements. Never concatenate user input into SQL. Apply least-privilege database permissions.
The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens.
A vulnerability in RDPngFileUpload.dll, as used in the IRM Next Generation booking system, allows a remote attacker to u
The RDPCore.dll component as used in the IRM Next Generation booking engine, allows a remote user to connect to customer
The RDPWin.dll component as used in the IRM Next Generation booking engine includes a set of hardcoded API keys for thir
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today