The host is running Authenex ASAS and is prone to SQL injection vulnerability.
Successful exploitation will let attackers to authenex database, dump all the OTP tokens, users information including credentials. Impact Level: Application
Apply the patc from below link, http://support.authenex.com/ ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. *****
The flaw is due to an input passed to the 'rgstcode' parameter in 'akeyActivationLogin.do', is not properly sanitised before being used in SQL queries.
Authenex ASAS version 18.104.22.168 and prior.