CVE-2020-37008
Unknown Unknown - Not Provided
SQL Injection Authentication Bypass in EasyPMS 1.0.0 Allows Admin Access

Publication date: 2026-01-29

Last updated on: 2026-01-29

Assigner: VulnCheck

Description
EasyPMS 1.0.0 contains an authentication bypass vulnerability that allows unprivileged users to manipulate SQL queries in JSON requests to access admin user information. Attackers can exploit weak input validation by injecting single quotes in ID parameters and modify admin user passwords without proper token authentication.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37008
EUVD
EUVD-2020-30903
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
unknown_vendor easypms 1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-639 The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows unauthorized access to administrative user information and modification of admin passwords due to authentication bypass and weak input validation. This unauthorized access and potential data manipulation could lead to violations of data protection standards and regulations such as GDPR and HIPAA, which require strict controls on access to sensitive information and user authentication. However, specific impacts on compliance are not detailed in the provided resources. [1, 3]

Executive Summary

CVE-2020-37008 is an authentication bypass vulnerability in EasyPMS 1.0.0 that allows unprivileged users to manipulate SQL queries embedded in JSON requests. Attackers inject single quotes into ID parameters to bypass authentication and retrieve admin user information. They can then change admin passwords without proper token validation, effectively escalating their privileges to admin. [1, 3]

Impact Analysis

This vulnerability can allow an attacker with no privileges to gain full administrative access by bypassing authentication and modifying admin passwords. This leads to unauthorized access to sensitive data and control over the EasyPMS system, potentially compromising confidentiality and integrity of the system. [1, 3]

Detection Guidance

This vulnerability can be detected by monitoring for unusual POST requests to the /Select/STDUSER endpoint containing JSON bodies with manipulated 'Where' clauses that include single quote injections in the ID parameter. For example, detecting JSON POST requests with payloads similar to: { "Action":"Select", "Object":"STDUSER", "Where":[{"Column":"ID'","Operator":"=","Value":"<value>"}, ...] }. Network or application logs can be searched for such patterns. Additionally, attempts to update the STDUSER table without proper authentication tokens can indicate exploitation attempts. Specific commands depend on your environment, but for example, using grep or similar tools on web server logs to find POST requests to /Select/STDUSER with suspicious JSON payloads can help detect exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include applying the vendor's patch or update that fixes the authentication bypass vulnerability. If a patch is not yet available, restrict access to the vulnerable endpoints such as /Select/STDUSER to trusted users only, implement proper input validation to prevent SQL injection in JSON requests, and enforce strict authentication and authorization checks on sensitive operations like password changes. Monitoring and blocking suspicious requests that contain single quote injections in ID parameters can also help mitigate exploitation attempts. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37008. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart