Platform
other
Component
sportsnet
Fixed in
4.0.2
CVE-2024-29725 describes a critical SQL injection vulnerability discovered in SportsNET version 4.0.1. This flaw allows unauthorized attackers to manipulate the database, potentially leading to complete data compromise. A patch, version 4.0.2, has been released to address this vulnerability.
The SQL injection vulnerability in SportsNET allows an attacker to execute arbitrary SQL queries against the database. This means they could potentially read sensitive data like user credentials, financial information, or proprietary business data. Furthermore, an attacker could modify or delete data, leading to data corruption or denial of service. The ability to update data also opens the door for privilege escalation and further system compromise. The parameter list in the /app/ax/sort_bloques/ endpoint is directly vulnerable.
CVE-2024-29725 was publicly disclosed on August 29, 2024. The vulnerability’s ease of exploitation, combined with the potential for significant data compromise, suggests a medium probability of exploitation. No public proof-of-concept code has been identified at the time of writing, but the vulnerability is severe enough to warrant immediate attention. This vulnerability is not currently listed on the CISA KEV catalog.
Organizations utilizing SportsNET version 4.0.1 are at immediate risk. This includes those deploying SportsNET in environments with direct database access or those lacking robust input validation mechanisms. Shared hosting environments where multiple users share the same SportsNET instance are particularly vulnerable.
• generic web: Use curl to test the /app/ax/sort_bloques/ endpoint with various SQL injection payloads. Look for error messages or unexpected behavior indicating successful injection.
curl 'http://<target>/app/ax/sort_bloques/?parameter_list=1' UNION SELECT 1,2,3 -- -
• database (mysql): If database access is possible, attempt to execute SQL queries directly to confirm the vulnerability.
SELECT 1 FROM users WHERE username='admin' -- -
EPSS
0.19% (41st percentile)
The primary mitigation for CVE-2024-29725 is to immediately upgrade SportsNET to version 4.0.2 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) with rules to filter out potentially malicious SQL queries targeting the /app/ax/sort_bloques/ endpoint. Input validation on the parameter list is crucial. Thoroughly review and sanitize all user-supplied input before incorporating it into SQL queries. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the /app/ax/sort_bloques/ endpoint and verifying that the attack is blocked.
Update SportsNET to a patched version that fixes the SQL injection vulnerability. Consult the vendor to obtain the fixed version. If no version is available, consider disabling or removing SportsNET until a fix is published.
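The input validation and parameter binding recommended above, as an added example (not SportsNET code, whose source is not shown on this page). It assumes the list parameter carries comma-separated numeric block IDs in their new order; the blocks table, its columns, and the function names are hypothetical.

```python
import sqlite3

MAX_IDS = 200  # assumed upper bound on the number of blocks in one request


def parse_id_list(raw):
    """Return the list as ints, or raise ValueError on anything but digits."""
    parts = raw.split(",") if isinstance(raw, str) and raw else []
    if not parts or len(parts) > MAX_IDS:
        raise ValueError("list is empty or too long")
    ids = []
    for part in parts:
        token = part.strip()
        # ASCII digits only: rejects quotes, signs, spaces, comments, Unicode digits
        if not (token.isascii() and token.isdigit()) or len(token) > 9:
            raise ValueError(f"non-numeric id: {token!r}")
        ids.append(int(token))
    if len(set(ids)) != len(ids):
        raise ValueError("duplicate id")
    return ids


def sort_blocks(conn, raw_list):
    """Store the new order; values reach SQL only as bound parameters."""
    ids = parse_id_list(raw_list)
    with conn:  # one transaction: all positions change or none do
        cur = conn.executemany(
            "UPDATE blocks SET position = ? WHERE id = ?",  # hypothetical schema
            [(pos, block_id) for pos, block_id in enumerate(ids, start=1)],
        )
    return cur.rowcount


def demo():
    # Constructed in-memory data standing in for the application's database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE blocks (id INTEGER PRIMARY KEY, position INTEGER)")
    conn.executemany("INSERT INTO blocks VALUES (?, ?)", [(1, 1), (2, 2), (3, 3)])
    updated = sort_blocks(conn, "3,1,2")
    try:
        sort_blocks(conn, "1' UNION SELECT 1,2,3 -- -")  # test string from this page
        rejected = False
    except ValueError:
        rejected = True
    order = [r[0] for r in conn.execute("SELECT id FROM blocks ORDER BY position")]
    return updated, rejected, order
```

Rejecting the whole request on the first non-numeric token, rather than stripping characters from it, keeps malformed input visible in application logs.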
CVE-2024-29725 is a critical SQL injection vulnerability affecting SportsNET version 4.0.1, allowing attackers to manipulate the database.
If you are running SportsNET version 4.0.1, you are vulnerable. Upgrade to 4.0.2 or later to mitigate the risk.
Upgrade SportsNET to version 4.0.2 or later. As a temporary workaround, implement a WAF to filter malicious SQL queries.
While no active exploitation has been confirmed, the vulnerability's severity suggests a potential for exploitation. Monitor your systems closely.
Refer to the SportsNET security advisory at https://XXXXXXX.saludydesafio.com/app/ax/sort_bloques/ for detailed information and updates.