Platform: php
Component: sentrifugo
Fixed in: 3.2.1
CVE-2024-29874 describes a critical SQL injection vulnerability discovered in Sentrifugo versions 3.2 through 3.2. This flaw allows a remote attacker to inject malicious SQL queries through the 'sort_name' parameter within the /sentrifugo/index.php/default/reports/activeuserrptpdf endpoint, potentially leading to unauthorized data extraction. A patch, version 3.2.1, has been released to address this issue.
The SQL injection vulnerability in Sentrifugo 3.2 poses a significant risk to data confidentiality. An attacker can exploit this flaw to craft malicious SQL queries that, when executed by the application, could extract sensitive data stored in the database. This could include user credentials, financial information, or other confidential business data. Successful exploitation could lead to complete database compromise, allowing the attacker to view, modify, or delete data. The potential for lateral movement is limited to the database server itself, but the blast radius is substantial due to the potential for widespread data exposure.
CVE-2024-29874 was publicly disclosed on March 21, 2024. The vulnerability's CRITICAL CVSS score (9.8) indicates a high probability of exploitation. No public proof-of-concept (PoC) code has been released as of this writing, but the ease of SQL injection exploitation suggests that a PoC is likely to emerge. It is not currently listed on CISA KEV, but its severity warrants monitoring.
Exploit Status
EPSS: 0.78% (74th percentile)
CVSS Vector
The primary mitigation for CVE-2024-29874 is to upgrade Sentrifugo to version 3.2.1 or later immediately. If upgrading is not immediately feasible, consider a Web Application Firewall (WAF) rule that filters potentially malicious SQL queries targeting the /sentrifugo/index.php/default/reports/activeuserrptpdf endpoint, specifically blocking requests containing suspicious characters or SQL keywords in the 'sortname' parameter. Server-side input validation that sanitizes the 'sortname' parameter can also provide a temporary layer of defense. After upgrading, confirm the vulnerability is resolved by submitting a test SQL injection query through the affected endpoint and verifying that it is properly sanitized.
Update to a patched version of Sentrifugo that resolves the SQL injection vulnerability. If no patched version is available, consider applying a patch manually or disabling the vulnerable functionality until an update is released.
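As an added illustration of the server-side validation recommended above (this is not Sentrifugo's own code; the table, column names and report query are assumed), the following PHP shows why a user-controlled sort parameter is a classic injection point and how an allowlist removes the risk: an ORDER BY column cannot be bound as a prepared-statement parameter, so the request value must be mapped onto a fixed set of identifiers rather than concatenated.

```php
<?php
// Added example (not Sentrifugo's code). Table/column names are assumed.
// A sort parameter ends up in ORDER BY, which prepared statements cannot
// parameterise, so the request value must be mapped to an allowlist.
declare(strict_types=1);

// Vulnerable pattern: the raw request value is interpolated into the SQL text.
function buildActiveUsersQueryUnsafe(string $sortName): string
{
    return "SELECT id, name, email FROM users WHERE status = 'active' "
         . "ORDER BY " . $sortName;   // injectable: attacker controls SQL syntax
}

// Hardened pattern: request key -> allowlisted column; direction limited to ASC/DESC.
const SORT_COLUMNS = [
    'name'  => 'name',
    'email' => 'email',
    'id'    => 'id',
];

function buildActiveUsersQuery(?string $sortName, ?string $sortDir): string
{
    // Unknown or hostile keys fall back to the default column; the raw
    // request string never reaches the query text.
    $column = SORT_COLUMNS[$sortName ?? ''] ?? 'name';
    $dir    = strtoupper($sortDir ?? 'ASC') === 'DESC' ? 'DESC' : 'ASC';
    return "SELECT id, name, email FROM users WHERE status = 'active' "
         . "ORDER BY {$column} {$dir}";
}

function fetchActiveUsers(PDO $pdo, ?string $sortName, ?string $sortDir): array
{
    $stmt = $pdo->prepare(buildActiveUsersQuery($sortName, $sortDir));
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Demonstration against an in-memory SQLite database with constructed rows.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec("CREATE TABLE users (id INTEGER, name TEXT, email TEXT, status TEXT)");
$pdo->exec("INSERT INTO users VALUES (1,'bob','bob@example.test','active'),
                                     (2,'alice','alice@example.test','active')");

$hostile = "name; DROP TABLE users --";          // would be executed by the unsafe builder
echo buildActiveUsersQueryUnsafe($hostile), PHP_EOL;  // shows the injected statement
echo buildActiveUsersQuery($hostile, 'desc'), PHP_EOL; // ORDER BY name DESC (key rejected)
print_r(fetchActiveUsers($pdo, 'email', 'asc'));       // alice first, table intact
```

The same allowlist approach applies to any report endpoint that accepts column names, sort directions or table names from the request.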
CVE-2024-29874 is a critical SQL injection vulnerability in Sentrifugo versions 3.2 through 3.2, allowing attackers to extract data via a crafted query to the /sentrifugo/index.php/default/reports/activeuserrptpdf endpoint.
Yes, if you are running Sentrifugo version 3.2, you are affected by this vulnerability. Versions prior to 3.2.1 are vulnerable.
Upgrade Sentrifugo to version 3.2.1 or later to remediate the vulnerability. Consider WAF rules as a temporary mitigation.
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high likelihood of future exploitation.
Refer to the Sentrifugo project's official website and security advisories for the latest information and updates regarding CVE-2024-29874.