SQL injection vulnerability in jeecg-boot v3.5.3, allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check.
The vulnerability (CWE-89) results from insufficient validation and sanitization of input data passed to SQL queries in the /sys/replicate/check endpoint. An attacker can inject malicious SQL code without needing to have any privileges or user interaction. The attack vector is network-based and the attack requires no special preconditions (AC:L, PR:N, UI:N), making it particularly easy to perform.
An attacker can gain access to sensitive information stored in the database and escalate their privileges in the application. The vulnerability is rated as critical with full impact on confidentiality, integrity and availability of the system (C:H/I:H/A:H).
Patches available from the vendor should be applied in accordance with the references. As an interim measure, consider restricting network access to the /sys/replicate/check endpoint and implementing WAF rules blocking SQL injection attempts.
Jeecg Boot version 3.5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HJeecg Boot
APPJeecg≤ 3.5.3
Related vulnerabilities
Injection/RCE w Jeecg Boot 3.0.0–3.5.3 przez niedostateczne filtrowanie znaków
Command injection w Jeecg Boot — zdalne wykonanie kodu przez /jmreport/show
SQL Injection w JeecgBoot przez endpoint getTotalData
RCE poprzez SSTI injection w Jeecg Boot — komponent /jmreport/loadTableData
SQL Injection w Jeecg Boot — eskalacja uprawnień i wyciek danych