Merhawi Solomon Gebrekidan

**Name of the Vulnerable Software and Affected Versions** MK-AUTH version 19.01 **Description** An issue was discovered in MK-AUTH, which involves SQL injection issues in various PHP scripts, including `arp.php`, `dhcp.php`, `hotspot.php`, `ip.php`, `pgaviso.php`, `pgcorte.php`, `pppoe.php`, `queues.php`, and `wifi.php`. **Recommendations** For MK-AUTH version 19.01, consider restricting access to the vulnerable PHP scripts until a patch is available. As a temporary workaround, avoid using user-input data in SQL queries to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MK-AUTH version 19.01 **Description** An issue was discovered that allows an attacker to execute arbitrary JavaScript code due to XSS vulnerabilities in admin and client scripts. **Recommendations** For MK-AUTH version 19.01, update to a version that includes a fix for the XSS vulnerabilities in admin and client scripts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MK-AUTH version 19.01 **Description** An issue in MK-AUTH allows command execution as root via shell metacharacters to /auth admin scripts. **Recommendations** For MK-AUTH version 19.01, consider restricting access to the /auth admin scripts as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Mk-Auth version 19.01 **Description** The issue is related to a lack of protection against SQL structure manipulation in the central/executar login.php component of the Mk-Auth authentication software. This allows a remote attacker to execute arbitrary SQL queries on the target system's database by sending a specially crafted request. The web login functionality is vulnerable to SQL injection, enabling an attacker to bypass authentication and gain client privileges. **Recommendations** For Mk-Auth version 19.01, consider temporarily restricting access to the central/executar login.php component until a patch is available. As a mitigation measure, avoid using user-input data directly in SQL queries to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MK-AUTH version 19.01 **Description** The issue concerns an authentication bypass in the web login functionality. This is due to guessable credentials for the admin access to the `admin/executar login.php` endpoint. The vulnerability is related to errors in handling registration data, which can allow a remote attacker to elevate their privileges. **Recommendations** For MK-AUTH version 19.01, consider restricting access to the `admin/executar login.php` endpoint until a fix is available. As a temporary workaround, review and strengthen the credentials used for admin access to prevent guessable credentials from being exploited.