hitsz-ids airda SQL Injection Vulnerability in Chat Completions Endpoint

A critical SQL injection vulnerability has been identified in hitsz-ids airda version 0.0.3. The issue arises in the 'execute' function of the '/v1/chat/completions' file, where the 'question' parameter is manipulated to inject malicious SQL. This vulnerability can be exploited remotely, allowing attackers to execute harmful SQL commands that could delete, modify, or retrieve sensitive data from the database.

Impact

Exploitation of this vulnerability allows for unauthorized SQL injection, where attackers can manipulate database queries to delete, modify, or access sensitive data, potentially leading to data breaches, corruption, or a denial-of-service condition.

Reproduction

To reproduce this vulnerability, send a POST request to the '/v1/chat/completions' endpoint with a crafted 'question' parameter. The injected SQL will be executed by the application, exploiting the lack of validation on SQL commands generated by the Large Language Model.

Remediation

It is recommended to implement strict validation and sanitization of SQL queries generated by the application. This can include whitelisting allowed SQL operations, using parameterized queries, and ensuring that the database user has limited privileges.