V5 - Validation/Sanitization
LDAP injection
POC
So the query is at first the following (&(cn=[INPUT1])(userPassword=[INPUT2])) When we add a ) after username, we get an LDAP error (&(cn=admin)) (userPassword=admin)) So inject the following query (&(cn=admin) (cn=*))%00 (userPassword=admin))
Impact
Medium-High (depends on the affect)
Likelihood
Medium-High (depends on the affect)