SQL injection vulnerability in jeecg-boot version 3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component.
The attacker sends a crafted network request to the jmreport/qurestSql endpoint, injecting malicious SQL code as part of the query. The lack of proper validation and sanitization of input data allows manipulation of queries executed by the database. As a result, both reading confidential information and escalating privileges within the application are possible.
An unauthenticated remote attacker can gain access to sensitive data stored in the database and escalate their privileges in the Jeecg Boot application.
Apply patches available from the vendor according to the references. Additionally, it is recommended to restrict access to the jmreport/qurestSql endpoint at the firewall or WAF level until the patch is deployed.
Jeecg Boot version 3.5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HJeecg Boot
APPJeecg≤ 3.5.3
Related vulnerabilities
Injection/RCE w Jeecg Boot 3.0.0–3.5.3 przez niedostateczne filtrowanie znaków
Command injection w Jeecg Boot — zdalne wykonanie kodu przez /jmreport/show
SQL Injection w JeecgBoot przez endpoint getTotalData
RCE poprzez SSTI injection w Jeecg Boot — komponent /jmreport/loadTableData
SQL Injection w Jeecg Boot — eskalacja uprawnień i wyciek danych