Primary

Context

oa_system Oasys SQL Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A SQL injection vulnerability has been identified in oa_system Oasys version 1.1. This vulnerability allows remote attackers to execute arbitrary code by manipulating the allDirector() method in the AddressMapper.java file. The issue arises because the baseKey parameter, used in SQL queries, can be controlled by the attacker, leading to unauthorized code execution.

Impact

Exploitation of this vulnerability allows for arbitrary code execution on the server where oa_system Oasys is running.

Reproduction

The vulnerability can be reproduced by sending a crafted HTTP request that includes a malicious payload in the baseKey parameter. This request should be directed to the AddrController, which will pass the parameter to the allDirector() method, triggering the SQL injection. Tools like sqlmap can be used to automate the exploitation process.

Added: Aug 29, 2025, 6:38 PM

Updated: Aug 29, 2025, 6:38 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.0

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

6.0

remediation

0.0

relevance

0.4

threat

6.4

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

oa_system Oasys SQL Injection Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

cn.gson.oasys

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating