Fujian Smart Integrated Management Platform SQL Injection Vulnerability in XCamera Module
Vulnerability
A SQL injection vulnerability has been identified in version 7.5 of the Fujian Smart Integrated Management Platform System. The flaw is in the XCamera module, in the handler /Module/CRXT/Controller/XCamera.ashx, which fails to validate or parameterize the ChannelName parameter before using it in a database query. A remote attacker can therefore inject arbitrary SQL into that query and read, modify, or delete data in the backing database. No authentication is required, so anyone who can reach the endpoint can exploit it.
Impact
Exploitation of this vulnerability lets an attacker execute arbitrary SQL commands against the platform's database, leading to unauthorized data access, modification, or deletion. According to FOFA, over 300 internet-facing sites running this platform are potentially affected.
Reproduction
To reproduce, send a POST request to /Module/CRXT/Controller/XCamera.ashx with the action parameter set to find and a SQL payload in the ChannelName parameter. The injection is time-based blind, so it is confirmed by response timing rather than by query output: a payload containing a delay statement such as WAITFOR DELAY (T-SQL, which indicates a SQL Server backend) makes the response measurably slower than the same request with a benign ChannelName value.
