Platform
php
Component
sentrifugo
Fixed in
3.2.1
CVE-2024-29876 describes a critical SQL injection vulnerability discovered in Sentrifugo versions 3.2 through 3.2. This flaw allows a remote attacker to inject malicious SQL code through the 'sortby' parameter in the /sentrifugo/index.php/reports/activitylogreport endpoint, potentially leading to complete data exfiltration. A patch, version 3.2.1, has been released to address this issue.
The SQL injection vulnerability in Sentrifugo 3.2 poses a significant risk to data confidentiality. An attacker exploiting this flaw can craft a malicious SQL query that, when executed by the application's database, allows them to bypass security measures and retrieve sensitive information. This could include user credentials, configuration details, and any other data stored within the database. The potential for complete data exfiltration makes this a high-impact vulnerability. Successful exploitation could lead to significant reputational damage, financial losses, and regulatory penalties for organizations using vulnerable instances of Sentrifugo.
CVE-2024-29876 was publicly disclosed on March 21, 2024. While no active exploitation campaigns have been publicly confirmed, the critical severity and ease of exploitation (SQL injection vulnerabilities are often readily exploitable) suggest a high probability of exploitation. No Proof of Concept (PoC) code has been publicly released as of this writing, but the vulnerability's nature makes it likely that one will emerge. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.76% (73% percentile)
CVSS Vector
The primary mitigation for CVE-2024-29876 is to immediately upgrade Sentrifugo to version 3.2.1 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds. Input validation on the 'sortby' parameter is crucial; implement strict whitelisting of allowed characters and values. Web Application Firewalls (WAFs) configured with rules to detect and block SQL injection attempts can provide an additional layer of defense. Monitor application logs for suspicious SQL queries and unusual database activity.
Update Sentrifugo to a version later than 3.2 that fixes the SQL Injection (SQL Injection) vulnerability. Consult the vendor's website for the latest version and upgrade instructions. If no version is available, consider disabling or removing the affected component until a fix is released.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2024-29876 is a critical SQL injection vulnerability affecting Sentrifugo versions 3.2 through 3.2. It allows attackers to extract data from the database via malicious queries.
If you are running Sentrifugo version 3.2, you are vulnerable. Upgrade to version 3.2.1 or later to mitigate the risk.
The recommended fix is to upgrade to Sentrifugo version 3.2.1 or later. As a temporary workaround, implement strict input validation on the 'sortby' parameter.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of exploitation.
Refer to the Sentrifugo project's official website or security advisories for the latest information and updates regarding CVE-2024-29876.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.