Platform: other
Component: metasploit-framework
Fixed in: 2.5.18104, 2.0.1, 1.0.1
CVE-2020-7356 describes a critical SQL Injection vulnerability affecting Cayin xPost versions 1.0 through 2.5.18103. This flaw allows unauthenticated attackers to inject malicious SQL code through the 'wayfinder_seqid' GET parameter, leading to potential SYSTEM command execution. A patched version, 2.5.18104, is now available to address this vulnerability.
The impact of this SQL Injection vulnerability is severe. An attacker can exploit it to bypass authentication and directly manipulate the database. Successful exploitation could lead to unauthorized access to sensitive data, including user credentials, meeting records, and potentially system configuration information. Furthermore, the ability to execute SYSTEM commands opens the door to complete system compromise, allowing attackers to install malware, modify system files, or pivot to other systems on the network. The lack of authentication required for exploitation significantly broadens the attack surface, making it a high-priority concern.
CVE-2020-7356 was publicly disclosed on August 6, 2020. While no active exploitation campaigns have been definitively linked to this specific vulnerability, the ease of exploitation and the potential for SYSTEM command execution make it a likely target for opportunistic attackers. The vulnerability’s severity (CVSS 10.0) underscores the need for prompt remediation. No KEV listing is currently available.
Exploit Status
EPSS: 61.51% (98th percentile)
The primary mitigation for CVE-2020-7356 is to upgrade Cayin xPost to version 2.5.18104 or later immediately. If upgrading is not feasible right away, consider implementing a Web Application Firewall (WAF) rule to filter and sanitize the 'wayfinder_seqid' parameter, specifically blocking any input containing SQL injection payloads. Server-side input validation is also crucial to prevent malicious data from reaching the database. Additionally, review and restrict database user permissions to minimize the potential damage from a successful SQL injection attack.
Update Cayin xPost to a version that fixes the SQL Injection vulnerability. Contact the vendor for the patched version or apply the recommended security measures to mitigate the risk.
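One way to act on the WAF and input-validation advice above is to audit web server access logs for 'wayfinder_seqid' values that are not plain integers, checking every occurrence of the parameter after percent-decoding. This is an added example, not code from the vendor or the advisory; the Common Log Format input, the placeholder path, the name `suspicious_requests`, and the premise that legitimate values are short decimal integers are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

PARAM = "wayfinder_seqid"  # parameter named in the advisory
# Assumption: legitimate values are short decimal integers.
SAFE_VALUE = re.compile(r"[0-9]{1,10}")
# Client address, request target and status from a Common Log Format line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+" (\d{3})')

# Constructed sample lines; the path is a placeholder, not the product's real endpoint.
SAMPLE_LOG = [
    '192.0.2.10 - - [06/Aug/2020:10:00:00 +0000] "GET /PLACEHOLDER/page.jsp?wayfinder_seqid=42 HTTP/1.1" 200 512',
    '198.51.100.7 - - [06/Aug/2020:10:00:05 +0000] "GET /PLACEHOLDER/page.jsp?wayfinder_seqid=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9034',
    '203.0.113.5 - - [06/Aug/2020:10:00:09 +0000] "GET /PLACEHOLDER/page.jsp?wayfinder_seqid=5&wayfinder_seqid=5%3B HTTP/1.1" 200 77',
    '192.0.2.10 - - [06/Aug/2020:10:00:12 +0000] "GET /PLACEHOLDER/other.jsp?id=abc HTTP/1.1" 200 10',
]


def suspicious_requests(log_lines):
    """Return (client, status, decoded_value) for each wayfinder_seqid value
    that is not a plain decimal integer."""
    hits = []
    for line in log_lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a request line we can parse
        client, target, status = m.groups()
        query = urlsplit(target).query
        # parse_qs percent-decodes and returns every occurrence of the
        # parameter, so a repeated parameter cannot hide a bad value.
        # keep_blank_values=True means an empty value is also reported.
        values = parse_qs(query, keep_blank_values=True).get(PARAM, [])
        for value in values:
            if not SAFE_VALUE.fullmatch(value):
                hits.append((client, int(status), value))
    return hits


if __name__ == "__main__":
    for client, status, value in suspicious_requests(SAMPLE_LOG):
        print(f"{client} status={status} {PARAM}={value!r}")
```

The same allowlist pattern can serve as the reject condition in a WAF or reverse-proxy rule, which is stricter than trying to enumerate injection payloads.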
CVE-2020-7356 is a critical SQL Injection vulnerability in Cayin xPost versions 1.0–2.5.18103, allowing attackers to inject malicious SQL code and potentially execute SYSTEM commands.
If you are using Cayin xPost versions 1.0 through 2.5.18103, you are potentially affected by this vulnerability. Immediate action is required.
Upgrade Cayin xPost to version 2.5.18104 or later to remediate the vulnerability. Consider WAF rules as a temporary workaround.
While no confirmed active exploitation campaigns are publicly known, the vulnerability's severity and ease of exploitation make it a potential target.
Refer to the CAYIN security advisory for detailed information and updates regarding CVE-2020-7356.