NSA Detection of a security gap by Greek investigators

Two managed to find a security hole in the NSA website – (National Agency), which allowed them to use the SQL technique and access the organization's database.

Researchers Dimitris Hatzidimitris and Anastasis Vassiliadis on 20/03/2020 identified a vulnerability in the security of the website: https://www.nsa.gov

The vulnerability is of the SQL Injection type and the link for the specific weakness remains at the disposal of our editor s.

Some of them of vulnerability:

Parameter: ver
Method: (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause

Database: Microsoft_Access_mast ****


Which contains 2 tables encoded!

Researchers Dimitris Hatzidimitris and Anastasis Vassiliadis report:

After that we did not proceed below to a possible access to beyond the base since we had already confirmed the weakness in better safety of the page.


The NSA was notified in time for the security breach on 20/03/2020 and to date has not made any repairs preventing a possible leak of personal data from malicious third parties.

The information remains at the disposal of those directly interested, by the researchers themselves but also by our editorial team.

Information about vulnerabilities discovered in organizations is considered extremely necessary (especially when they exist on highly visited websites), and for us they are an immediate priority.

We hope that in this way, that is, the immediate exposure of any vulnerability, we contribute to a safer internet.

iGuRu.gr The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by newsbot

Although the press releases will be from very select to rarely, I said to go ... because sometimes the authors are hiding.

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).