Security researchers have discovered multiple critical vulnerabilities in a popular IPTV middleware platform that is currently being used by more than a thousand regional and international online media streaming services to manage their millions of subscribers.
Discovered by security researchers at CheckPoint, the vulnerabilities reside in the administrative panel of Ministra TV platform, which if exploited, could allow attackers to bypass authentication and extract subscribers’ database, including their financial details.
Besides this, the flaws could also allow attackers to replace broadcast and steam any content of their choice on the TV screens of all affected customer networks.
Ministra TV platform, previously known as Stalker Portal, is a software written in PHP that works as a middleware platform for media streaming services for managing Internet Protocol television (IPTV), video-on-demand (VOD) and over-the-top (OTT) content, licenses and their subscribers.
Developed by Ukrainian company Infomir, the Ministra software is currently being used by over a thousand online media streaming services with the highest numbers of providers in the United States (199), following with Netherlands (137), Russia (120), France (117) and Canada (105).
CheckPoint researchers find a logical vulnerability in an authentication function of the Ministra platform that fails to validate the request, allowing a remote attacker to bypass authentication and perform SQL injection through a separate vulnerability, which otherwise only an authenticated attacker can exploit.
As shown in the video demonstration, when it further chained together with a PHP Object Injection vulnerability, the researchers were successfully able to remotely execute arbitrary code on the targeted server.
“In this particular case, we used the authentication bypass to perform an SQL Injection on the server,” the researchers explain. “With that knowledge, we escalated this issue to an Object Injection vulnerability, which in turn allowed us to execute arbitrary code on the server, potentially impacting not only the provider but also the provider’s clients.”
CheckPoint researchers reported their findings to the company, which has now patched the issues with the release of Ministra version 5.4.1.
Vendors are strongly recommended to update their system to the latest version as soon as possible.