Check Point security researchers revealed multiple critical vulnerabilities in a popular IPTV platform called Ministra. The vulnerabilities could allow attackers to bypass authentication and obtain users’ information. The impact of the vulnerabilities could be quite devastating. The research shows that there are over 1000 providers of the service. The good news is that vulnerability has been patched.
The Ministra platform is utilized by over a thousand regional and international online media streaming services to manage their millions of subscribers. The vulnerabilities in the platform could lead to their entire customer database of personal info and financial details being exposed, as well as allowing attackers to potentially stream any content on to the screens of the customer network.
More about the Ministra Platform
Infomir is a Ukrainian manufacturer of IPTV (Internet Protocol Television), OTT (Over-the-Top) and VoD (Video-on Demand) devices such as set-top boxes, the report explains. The set-top boxes (STB) are described as streamers which connect to a television service provider from one side, and to customers’ television on the other. Each of these STBs communicates with from the dedicated Ministra platform.
In order to receive the television broadcast, the STB connects to the Ministra and service providers use the Ministra platform to manage their clients. Were an attacker to gain unauthorized access to this platform they could essentially expose the provider’s customer base’s financial details or change the content sent to the service providers’ customers.
Long story short, Check Point came across a logical flaw in an authentication function of Ministra. The function fails to validate requests thus enabling remote attackers to bypass authentication. In addition, attackers could also carry out SQL injection using another vulnerability which could be exploited only by an authenticated attacker.
When chained with a PHP object injection flaw, the remote execution of arbitrary code becomes possible, and this is visible in a video demonstration.
The good news is that the researchers contacted the company, which addressed the vulnerabilities in Ministra version 5.4.1. Vulnerable parties should update to the latest version of the platform as soon as possible.