CVE-2017-17640
📋 TL;DR
This vulnerability allows attackers to execute arbitrary SQL commands through unsanitized parameters in Advanced World Database. It affects all systems running version 2.0.5 of this software, potentially leading to complete database compromise.
💻 Affected Systems
- Advanced World Database
📦 What is this software?
Advanced World Database by Advanced World Database Project
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including data theft, data manipulation, privilege escalation, and potential remote code execution on the database server.
Likely Case
Unauthorized data access, data exfiltration, and potential authentication bypass leading to administrative access.
If Mitigated
Limited impact with proper input validation and parameterized queries preventing SQL injection.
🎯 Exploit Status
Multiple public exploit scripts available. Simple parameter manipulation required.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: Not available
Restart Required: No
Instructions:
No official patch available. Apply workarounds or migrate to alternative software.
🔧 Temporary Workarounds
Input Validation and Sanitization
- Implement strict input validation and parameterized queries for the city.php and state.php parameters
- Modify the PHP code to use prepared statements: $stmt = $pdo->prepare('SELECT * FROM table WHERE country = ?'); $stmt->execute([$country]);
Web Application Firewall Rules
- Deploy WAF rules to block SQL injection patterns in the city.php and state.php parameters
- Add a WAF rule that denies requests whose country/state parameters contain SQL keywords
🧯 If You Can't Patch
- Isolate the vulnerable system behind a reverse proxy with strict input filtering
- Implement network segmentation to limit database server access only to necessary applications
🔍 How to Verify
Check if Vulnerable:
Test city.php?country=' OR '1'='1 and state.php?country=' OR '1'='1 and check whether the response differs from a normal request (extra rows returned or a database error)
Check Version:
Check software version in admin panel or readme files
Verify Fix Applied:
Test with SQL injection payloads and verify proper error handling or rejection
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL errors in application logs
- Multiple failed parameter attempts with SQL keywords
- Unexpected database queries from web application
Network Indicators:
- HTTP requests with SQL injection patterns in parameters
- Unusual database traffic patterns from web server
SIEM Query:
source=web_logs AND (url="*city.php*" OR url="*state.php*") AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*;*" OR param="*/*")
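The SIEM query above, expressed as standalone detection logic over web server access logs. This is an added example, not part of the original advisory: the log lines are constructed (Apache combined-style, RFC 5737 addresses), the log format and the reading of the query's "*/*" term as the "/*" comment opener are assumptions, and parameters are URL-decoded before matching so that percent-encoded payloads are caught.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (Apache combined style, trimmed); not real traffic.
SAMPLE_LOGS = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /awd/city.php?country=US HTTP/1.1" 200 512
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "GET /awd/city.php?country=US'%20OR%20'1'='1 HTTP/1.1" 200 9812
198.51.100.7 - - [10/Oct/2023:13:56:01 +0000] "GET /awd/state.php?country=CA%20UNION%20SELECT%201,2,3-- HTTP/1.1" 500 221
198.51.100.7 - - [10/Oct/2023:13:56:05 +0000] "GET /awd/index.php?page=about HTTP/1.1" 200 1024
192.0.2.9 - - [10/Oct/2023:13:57:12 +0000] "GET /awd/state.php?country=Baden-W%C3%BCrttemberg HTTP/1.1" 200 700
"""

# Assumed log layout: client IP, identity, user, [timestamp], "METHOD target PROTO", status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)
VULN_SCRIPTS = ("city.php", "state.php")
# Same patterns as the SIEM query: quote followed by OR, UNION/SELECT, "--" and "/*" comments, ";" separator.
INJECTION_RE = re.compile(r"'\s*OR\b|\bUNION\b|\bSELECT\b|--|;|/\*", re.IGNORECASE)


def analyze_log_line(line):
    """Return a finding for a request to city.php/state.php whose decoded query
    parameters match an injection pattern; return None for everything else."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if not parts.path.endswith(VULN_SCRIPTS):
        return None
    # parse_qsl percent-decodes values, so encoded and literal payloads are inspected alike.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        hit = INJECTION_RE.search(value)
        if hit:
            return {
                "ip": m.group("ip"),
                "script": parts.path.rsplit("/", 1)[-1],
                "param": name,
                "pattern": hit.group(0),
                "status": int(m.group("status")),  # 5xx alongside a hit suggests a raised SQL error
            }
    return None


def scan_logs(text):
    """Run the line check over a whole log and collect the findings in order."""
    return [f for f in (analyze_log_line(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for finding in scan_logs(SAMPLE_LOGS):
        print(finding)
```

The legitimate "Baden-Württemberg" and "US" requests produce no finding, which is the false-positive check worth repeating with your own traffic before alerting on the "SELECT" and ";" terms.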