Exploit
CVE-2024-9790

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)

Published: Oct 10, 2024 / Updated: 40d ago

010
CVSS 5.1EPSS 0.05%Medium
CVE info copied to clipboard

Summary

A critical vulnerability has been discovered in LyLme_spage version 1.9.5. The issue is located in an unknown function within the file /admin/sou.php. This vulnerability allows for SQL injection through the manipulation of the 'id' argument. The attack can be launched remotely and does not require user interaction.

Impact

This SQL injection vulnerability can have severe consequences. An attacker could potentially: 1. Access, modify, or delete sensitive data in the database 2. Execute administrative operations on the database 3. Issue commands to the operating system 4. In some cases, read or write local files on the server Given the CVSS v3.1 base score of 7.2 (High) and the critical classification, this vulnerability poses a significant risk to the confidentiality, integrity, and availability of the affected system.

Exploitation

One proof-of-concept exploit is available on shikangsi.com. There is no evidence of proof of exploitation at the moment.

Patch

As of the latest information provided, no official patch has been released. The vendor was contacted about this disclosure but did not respond, indicating that a patch may not be immediately available.

Mitigation

Given the absence of an official patch, the following mitigation steps are recommended: 1. Implement strong input validation and sanitization for all user inputs, especially the 'id' parameter in /admin/sou.php 2. Use parameterized queries or prepared statements to prevent SQL injection 3. Apply the principle of least privilege to database accounts used by the application 4. Monitor for suspicious database activities or unexpected queries 5. Consider using a Web Application Firewall (WAF) to filter malicious requests 6. If possible, temporarily disable or restrict access to the affected component until a patch is available 7. Regularly check for updates from the vendor and apply them promptly when available

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Timeline

First Article

Feedly found the first article mentioning CVE-2024-9790. See article

Oct 10, 2024 at 3:02 PM / CVE
CVSS Estimate

Feedly estimated the CVSS score as HIGH

Oct 10, 2024 at 3:03 PM
CVE Assignment

NVD published the first details for CVE-2024-9790

Oct 10, 2024 at 3:15 PM
CVSS

A CVSS base score of 4.7 has been assigned.

Oct 10, 2024 at 3:20 PM / nvd
EPSS

EPSS Score was set to: 0.05% (Percentile: 16.4%)

Oct 11, 2024 at 10:19 AM
CVSS

A CVSS base score of 7.2 has been assigned.

Oct 17, 2024 at 2:31 PM / nvd
Proof of Concept (PoC) Released

A proof of concept exploit has been released

Oct 17, 2024 at 5:12 PM
Static CVE Timeline Graph

Affected Systems

Lylme/lylme_spage
+null more

Exploits

https://wiki.shikangsi.com/post/share/9c237d56-972e-40b4-9656-a1083ed84702
+null more

Attack Patterns

CAPEC-108: Command Line Execution through SQL Injection
+null more

CVSS V3.1

Attack Vector:Network
Attack Complexity:Low
Privileges Required:High
User Interaction:None
Scope:Unchanged
Confidentiality:High
Integrity:High
Availability Impact:High

Categories

Be the first to know about critical vulnerabilities

Collect, analyze, and share vulnerability reports faster using AI