Exploit
CVE-2024-9293

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Published: Sep 27, 2024 / Updated: 53d ago

010
CVSS 5.3EPSS 0.05%Medium
CVE info copied to clipboard

Summary

A critical vulnerability was discovered in skyselang yylAdmin versions up to 3.0. The vulnerability affects the file list function in the /app/admin/controller/file/File.php file of the backend component. By manipulating the is_disable argument, an attacker can perform SQL injection. This vulnerability can be exploited remotely.

Impact

This SQL injection vulnerability can have severe consequences. Attackers could potentially: 1. Access, modify, or delete sensitive data in the database 2. Bypass authentication mechanisms 3. Execute administrative operations on the database 4. In some cases, issue commands to the operating system Given the CVSS v3.1 score of 8.8 (High), this vulnerability poses a significant risk to the confidentiality, integrity, and availability of the affected system.

Exploitation

One proof-of-concept exploit is available on gitee.com. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, there is no mention of an available patch. The vulnerability affects yylAdmin versions up to 3.0, suggesting that upgrading to a version higher than 3.0 might resolve the issue, but this needs to be confirmed with the vendor.

Mitigation

While waiting for an official patch, consider the following mitigation strategies: 1. Implement strong input validation and sanitization for all user inputs, especially the 'is_disable' parameter in the affected file list function. 2. Use parameterized queries or prepared statements to prevent SQL injection. 3. Apply the principle of least privilege to database accounts used by the application. 4. Monitor and log database activities to detect potential exploitation attempts. 5. If possible, temporarily disable the vulnerable file list function until a patch is available. 6. Implement a Web Application Firewall (WAF) to help filter out malicious requests. 7. Regularly update and patch the yylAdmin software as soon as fixes become available.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9293. See article

Sep 27, 2024 at 9:13 PM / CVE
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 27, 2024 at 9:14 PM
CVE Assignment

NVD published the first details for CVE-2024-9293

Sep 27, 2024 at 9:15 PM
CVSS

A CVSS base score of 6.3 has been assigned.

Sep 27, 2024 at 9:20 PM / nvd
EPSS

EPSS Score was set to: 0.05% (Percentile: 16.3%)

Sep 28, 2024 at 9:21 AM
CVSS

A CVSS base score of 8.8 has been assigned.

Oct 7, 2024 at 3:40 PM / nvd
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Oct 7, 2024 at 5:10 PM
Static CVE Timeline Graph

Affected Systems

Skyselang/yyladmin
+null more

Exploits

https://gitee.com/A0kooo/cve_article/blob/master/yyladmin/yyladmin%20file%20list%20have%20SQL%20injection.md
+null more

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection
+null more

News

CVE-2024-9293 Exploit
CVE Id : CVE-2024-9293 Published Date: 2024-10-07T15:37:00+00:00 A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the component Backend. The manipulation of the argument is_disable leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. inTheWild added a link to an exploit: https://gitee.com/A0kooo/cve_article/blob/master/yyladmin/yyladmin%20file%20list%20have%20SQL%20injection.md
CVE-2024-9293
Medium Severity Description A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the component Backend. The manipulation of the argument is_disable leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Read more at https://www.tenable.com/cve/CVE-2024-9293
CVE-2024-9293
Gravedad 3.1 (CVSS 3.1 Base Score) A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0.
NA - CVE-2024-9293 - A vulnerability classified as critical was...
A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the...
CVE-2024-9293 - Skyselang yylAdmin SQL Injection
CVE ID : CVE-2024-9293 Published : Sept. 27, 2024, 9:15 p.m. 20 minutes ago Description : A vulnerability classified as critical was found in skyselang yylAdmin up to 3.0. Affected by this vulnerability is the function list of the file /app/admin/controller/file/File.php of the component Backend. The manipulation of the argument is_disable leads to sql injection. The attack can be launched remotely.
See 6 more articles and social media posts

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:Low
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI