CVE-2020-28918
Description
DualShield 5.9.8.0821 allows username enumeration on its login form. A valid username results in prompting for the password, whereas an invalid one will produce an "unknown username" error message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
DualShield 5.9.8.0821 login form reveals whether a username exists, enabling username enumeration.
Vulnerability
DualShield version 5.9.8.0821 contains a username enumeration vulnerability in its login form. The application responds differently depending on whether the submitted username exists: a valid username prompts for a password, while an invalid one returns an "unknown username" error. This difference allows an attacker to determine valid usernames. [3]
Exploitation
An attacker with network access to the DualShield login page can send repeated login requests with different usernames and observe the response. No authentication or special privileges are required. The attacker can systematically test usernames to identify which ones are registered. [3]
Impact
Successful exploitation enables an attacker to enumerate valid usernames. This information can be used to target specific accounts in subsequent attacks, such as password guessing or social engineering. The CVSS v3.1 score is 5.4 (medium), with low confidentiality impact and no impact on integrity or availability. [3]
Mitigation
The vulnerability is fixed in DualShield version 6.0. Administrators must enable the new "Prevent login name guessing" checkbox in the authentication panel to prevent enumeration. Users should upgrade to version 6.0 or later. [3]
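The difference between the two behaviours, as an added example that is not DualShield's code: `username_step`, `password_step` and `responses_differ` are hypothetical handlers over a constructed user store, and the `prevent_guessing` flag is an assumed stand-in for what the "Prevent login name guessing" setting is described as doing.

```python
import hashlib
import hmac
import os


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store for the example: username -> (salt, password hash).
_SALT = os.urandom(16)
USERS = {"alice": (_SALT, _hash("correct horse", _SALT))}
# Dummy record so an unknown username costs the same hash work as a known one.
_DUMMY = (os.urandom(16), os.urandom(32))


def username_step(username: str, prevent_guessing: bool) -> str:
    """First step of a two-step login: the response shown to the client."""
    if prevent_guessing:
        # Hardened: identical response whether or not the account exists.
        return "enter password"
    # Behaviour described in the CVE: the response reveals account existence.
    return "enter password" if username in USERS else "unknown username"


def password_step(username: str, password: str) -> str:
    """Second step: one generic failure message for every failure cause."""
    salt, expected = USERS.get(username, _DUMMY)
    candidate = _hash(password, salt)
    ok = hmac.compare_digest(candidate, expected) and username in USERS
    return "login ok" if ok else "invalid username or password"


def responses_differ(prevent_guessing: bool) -> bool:
    """Regression check: True means the username step leaks account existence."""
    known = username_step("alice", prevent_guessing)
    unknown = username_step("no-such-user", prevent_guessing)
    return known != unknown
```

A check like `responses_differ` can run in a test suite after an upgrade to confirm the username step no longer distinguishes known from unknown accounts.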
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- DualShield/DualShield
- Range: = 5.9.8.0821
Patches
No patches discovered yet.
References
News mentions
No linked articles in our index yet.