Base Digitale Centrax Open PSIM Boolean SQL Injection Vulnerability
Vulnerability
A boolean-based SQL injection vulnerability has been identified in Base Digitale Group's Centrax Open PSIM version 6.1 and prior. This vulnerability allows a low-privileged user with access to the platform to execute arbitrary SQL commands through the 'datafine' parameter in the '/sinottici/graphstorico' component of the web application.
Impact
Exploitation of this vulnerability allows for arbitrary SQL command execution on the back-end database, potentially leading to unauthorized data manipulation, including creation, reading, updating, or deletion of database records.
Reproduction
To reproduce this vulnerability, log into the Centrax Open PSIM application and navigate to the 'sinottici' component. Then, send a POST request to '/sinottici/graphstorico' with a crafted 'datafine' parameter that includes a time-based SQL injection payload. Alternatively, SQLMap can be used to automate the exploitation by targeting the same endpoint and parameter with an injected SQL payload.
Remediation
Users are advised to upgrade Centrax Open PSIM to version 6.1 or later.
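The injection class described above, shown as an added example that is not Centrax code or part of the original advisory: a concatenated query gives a true/false oracle through 'datafine', while strict timestamp validation plus a bound parameter does not. The table name `storico`, the timestamp format and all function names are assumptions made for illustration.

```python
import sqlite3
from datetime import datetime

# Assumption: 'datafine' (end date) is a timestamp in this format; the real
# application's format, schema and query are not given in the advisory.
DATE_FORMAT = "%Y-%m-%d %H:%M:%S"

def demo_db():
    """Constructed in-memory table standing in for the history data."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE storico (sensor TEXT, ts TEXT)")
    conn.executemany("INSERT INTO storico VALUES (?, ?)", [
        ("door-1", "2024-01-10 08:00:00"),
        ("door-2", "2024-02-15 09:30:00"),
    ])
    return conn

def history_unsafe(conn, datafine):
    """Vulnerable pattern: the parameter is concatenated into the SQL text."""
    sql = "SELECT sensor FROM storico WHERE ts <= '" + datafine + "'"
    return conn.execute(sql).fetchall()

def parse_datafine(raw):
    """Return a datetime only if raw is exactly one well-formed timestamp."""
    try:
        parsed = datetime.strptime(raw, DATE_FORMAT)
    except (TypeError, ValueError):
        return None
    # Round-trip comparison rejects lenient parses such as missing zero padding.
    return parsed if parsed.strftime(DATE_FORMAT) == raw else None

def history_safe(conn, datafine):
    """Hardened pattern: strict type check, then a bound parameter."""
    end = parse_datafine(datafine)
    if end is None:
        raise ValueError("datafine is not a valid timestamp")
    sql = "SELECT sensor FROM storico WHERE ts <= ?"
    return conn.execute(sql, (end.strftime(DATE_FORMAT),)).fetchall()

# Constructed inputs: a date followed by an always-true / always-false condition.
TRUE_CASE = "2024-01-31 00:00:00' AND '1'='1"
FALSE_CASE = "2024-01-31 00:00:00' AND '1'='2"
```

With the unsafe function the two constructed inputs return different row sets, which is the signal a boolean-based technique depends on; the hardened function rejects both before any SQL is executed.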
