{"id":10445,"date":"2025-07-23T12:33:15","date_gmt":"2025-07-23T05:33:15","guid":{"rendered":"https://infosec.new88088.net/?p=10445"},"modified":"2026-02-05T12:33:22","modified_gmt":"2026-02-05T05:33:22","slug":"lo-hong-xu-ly-chuoi-cho-phep-chiem-quyen-system-tren-etq-reliance","status":"publish","type":"post","link":"https://infosec.new88088.net/2025/07/23/lo-hong-xu-ly-chuoi-cho-phep-chiem-quyen-system-tren-etq-reliance/","title":{"rendered":"String-handling flaw allows SYSTEM account takeover on ETQ Reliance"},"content":{"rendered":"<p><b>A critical vulnerability in the ETQ Reliance quality management software allows an attacker to gain full administrative access to the system simply by adding a space to the login name.</b></p>\n<div style=\"text-align: center\"><img src=\"https://whitehat.vn/attachments/etq-png.17362/\" alt=\"ETQ.png\" width=\"700\" height=\"390\" /></div>\n<p>Tracked as CVE-2025-34143, the flaw is among the strangest authentication bypasses ever found in enterprise software. Entering “SYSTEM ” (with a trailing space) in the username field together with any password is enough for the system to grant full access.</p>\n<p>The flaw leads to complete takeover and remote code execution on the system. Researchers at Assetnote discovered the issue by chance during a routine security assessment of ETQ Reliance, a document management platform widely used around the world. Despite its wide deployment, the software had never undergone an in-depth security review and had no previously recorded CVEs.</p>\n<p>The initial finding came from an unusual error when the team tried to log in with the “SYSTEM” account. Instead of reporting an invalid account, the system returned a message that the account was for internal use only. When the team added a space to make it “SYSTEM ”, the authentication mechanism failed completely, granting full system access with any password.</p>\n<p>The root cause is inconsistent string handling in the authentication logic. Although the software uses equalsIgnoreCase() to block the “SYSTEM” account, that check does not catch the variant with a trailing space. Notably, the database query layer uses MySQL with its default collation (the rules for comparing and sorting strings), which treats “SYSTEM” and “SYSTEM ” as equal. As a result, the system returns a valid user object, and the subsequent initialization code compares the username as exactly “SYSTEM”, sets the system flag, and skips the password check.</p>\n<p>The researchers leveraged this authentication flaw to achieve remote code execution by abusing the custom Jython reporting feature in ETQ Reliance. By inserting malicious Python code into a system report, they could execute commands directly on the Windows-based server.</p>\n<p>The flaw affects all versions of ETQ Reliance prior to NXG Release 2025.1.2. Exploitation requires only access to the login interface, with no authentication or technical tooling. CVSS 3.1 rates its severity as Critical.</p>\n<p>Besides CVE-2025-34143, the research uncovered three other serious vulnerabilities:</p>\n<ul>\n<li>CVE-2025-34141: Reflected XSS in the SQLConverterServlet component</li>\n<li>CVE-2025-34142: XML External Entity (XXE) injection in the SAML SSO handler</li>\n<li>CVE-2025-34140: Authentication bypass via a URI suffix containing localized text</li>\n</ul>\n<p>Hexagon ETQ has released patches for all of the above vulnerabilities in NXG Release 2025.1.2. The company urges organizations to update immediately to prevent exploitation of these critical security flaws.</p>\n<div style=\"text-align: right\"><b><i>Source: Cyber Press</i></b></div>\n<div style=\"text-align: right;margin-top: 16px\"><i>Source: <a href=\"https://whitehat.vn/threads/lo-hong-xu-ly-chuoi-cho-phep-chiem-quyen-system-tren-etq-reliance.18596/\" target=\"_blank\" rel=\"noopener noreferrer\">https://whitehat.vn/threads/lo-hong-xu-ly-chuoi-cho-phep-chiem-quyen-system-tren-etq-reliance.18596/</a></i></div>\n","protected":false},"excerpt":{"rendered":"<p>A critical vulnerability in the ETQ Reliance quality management software allows an attacker to gain full administrative access to the system simply by adding a space to the login name. Tracked as CVE-2025-34143, the flaw is among the strangest authentication bypasses [&hellip;]</p>\n","protected":false},"author":46,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[],"class_list":["post-10445","post","type-post","status-publish","format-standard","hentry","category-tin-tuc-cua-vien"],"_links":{"self":[{"href":"https://infosec.new88088.net/wp-json/wp/v2/posts/10445","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https://infosec.new88088.net/wp-json/wp/v2/posts"}],"about":[{"href":"https://infosec.new88088.net/wp-json/wp/v2/types/post"}],"author":[{"embeddable":true,"href":"https://infosec.new88088.net/wp-json/wp/v2/users/46"}],"replies":[{"embeddable":true,"href":"https://infosec.new88088.net/wp-json/wp/v2/comments?post=10445"}],"version-history":[{"count":0,"href":"https://infosec.new88088.net/wp-json/wp/v2/posts/10445/revisions"}],"wp:attachment":[{"href":"https://infosec.new88088.net/wp-json/wp/v2/media?parent=10445"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://infosec.new88088.net/wp-json/wp/v2/categories?post=10445"},{"taxonomy":"post_tag","embeddable":true,"href":"https://infosec.new88088.net/wp-json/wp/v2/tags?post=10445"}],"curies":[{"name":"wp","href":"https://api.w.org/{rel}","templated":true}]}}