JeeWMS SQL Injection Vulnerability in CGReportDao Component
Vulnerability
JeeWMS versions prior to 2025.01.01 contain a SQL injection vulnerability. The flaw is in the CGReportDao component and is reachable through the ReportId parameter handled by CGReportController. The parameter value is concatenated into a SQL query without filtering or escaping, so a crafted value can change the query the database executes.
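The concatenation flaw described above, reduced to a minimal added example that is not JeeWMS code: the table, column and function names and the report-id format are assumptions, and an in-memory SQLite database stands in for the application's database. It places the concatenated lookup beside a bound-parameter lookup with allow-list validation in front of it.

```python
import re
import sqlite3


def make_db():
    """Constructed stand-in for a report-configuration table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE report_config (code TEXT PRIMARY KEY, title TEXT)")
    db.executemany(
        "INSERT INTO report_config VALUES (?, ?)",
        [("stock_summary", "Stock summary"),
         ("user_audit", "User audit"),
         ("order_daily", "Daily orders")],
    )
    return db


def lookup_concatenated(db, report_id):
    """Flawed pattern: the request value becomes part of the SQL text."""
    sql = "SELECT code, title FROM report_config WHERE code = '" + report_id + "'"
    return db.execute(sql).fetchall()


def lookup_bound(db, report_id):
    """Bind parameter: the value travels as data and is never parsed as SQL."""
    sql = "SELECT code, title FROM report_config WHERE code = ?"
    return db.execute(sql, (report_id,)).fetchall()


# Assumed report-id format: letters, digits and underscore, at most 64 characters.
REPORT_ID_RE = re.compile(r"[A-Za-z0-9_]{1,64}")


def lookup_hardened(db, report_id):
    """Allow-list validation in front of the bound query (defense in depth)."""
    if not REPORT_ID_RE.fullmatch(report_id):
        raise ValueError("invalid report id")
    return lookup_bound(db, report_id)


if __name__ == "__main__":
    db = make_db()
    crafted = "x' OR '1'='1"  # constructed test value, not taken from the advisory
    print("concatenated rows:", len(lookup_concatenated(db, crafted)))
    print("bound rows:", len(lookup_bound(db, crafted)))
    print("valid id:", lookup_hardened(db, "user_audit"))
```

With the concatenated query the constructed value matches every row in the table; with the bound query the same value is compared as a literal string and matches none.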
Impact
An attacker who exploits this vulnerability can interfere with the application's database queries. This could lead to unauthorized data access, data manipulation, or, in some cases, execution of administrative operations on the database.
Reproduction
To reproduce this vulnerability, log into the application backend and navigate to the CGReportController. Capture the request packets and replace the cookies as needed. The SQL injection can be tested by sending a request to the 'list' endpoint with a crafted 'id' parameter that includes SQL injection payloads. A tool like SQLMap can automate the exploitation process by injecting SQL payloads and extracting database information.
