CVE-2017-17875

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in the JEXTN FAQ Pro extension for Joomla lets remote, unauthenticated attackers execute arbitrary SQL commands through the id parameter of the view=category action. It affects Joomla sites running JEXTN FAQ Pro version 4.0.0. Successful exploitation can read, modify, or delete database content, including the Joomla user table.

💻 Affected Systems

Products:
  • JEXTN FAQ Pro extension for Joomla
Versions: 4.0.0
Operating Systems: All platforms running Joomla
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Joomla installations with JEXTN FAQ Pro extension installed and enabled

📦 What is this software?

JEXTN FAQ Pro is a third-party Joomla extension that adds FAQ pages organised into categories to a site. Its front end is reached through Joomla's index.php with query parameters such as view=category and id, which is where the vulnerable parameter lives.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise: theft or destruction of all data reachable by the web application's database account, and potentially full system takeover if the injection can be chained to code execution (for example, writing a web shell where the database account holds file-write privileges).

🟠 Likely Case

Database information disclosure, including Joomla user records and password hashes, sensitive FAQ and site content, and possibly administrative access through cracked or replaced credentials.

🟢 If Mitigated

Limited impact: strict integer validation of the id parameter closes the injection, and a least-privilege database account for the web application confines any residual damage to the FAQ component's own, non-sensitive tables.

🌐 Internet-Facing: HIGH - Directly exploitable via web requests without authentication
🏢 Internal Only: MEDIUM - Still exploitable by internal users or compromised accounts

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: CONFIRMED
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available, requires no authentication, simple parameter manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.0.1 or later

Vendor Advisory: https://www.jextn.com/faq-pro/

Restart Required: No

Instructions:

1. Log into Joomla admin panel
2. Navigate to Extensions > Manage > Update
3. Update JEXTN FAQ Pro to latest version
4. Alternatively, download latest version from vendor site and install via Extensions > Install

🔧 Temporary Workarounds

Input Validation Filter

Applies to: all platforms

Validate the id parameter as an integer before it reaches any SQL statement.

Modify the component code so that id is coerced or validated as an integer, for example with (int)$id or filter_var($id, FILTER_VALIDATE_INT), and reject (404) requests where validation fails. String concatenation of the raw request value into the query is the defect; casting to an integer removes any SQL syntax an attacker supplies.
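The following is an added illustration, not code from the JEXTN FAQ Pro component or from this page: it reproduces the vulnerable pattern (request value concatenated into SQL) and the integer-validation fix side by side against a constructed in-memory SQLite database. The table and column names are assumptions chosen for the demonstration; the extension's real schema is not given here. In Joomla the equivalent of the hardened path is reading the parameter with $app->input->getInt('id'), which returns 0 for non-numeric input, rather than the raw request string.

```python
import sqlite3

# Constructed sample schema and rows standing in for a Joomla database.
# Table and column names are assumptions for illustration, not the
# extension's real schema.
SCHEMA = """
CREATE TABLE faq_categories (id INTEGER PRIMARY KEY, title TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO faq_categories VALUES (1, 'Billing'), (2, 'Shipping');
INSERT INTO users VALUES (42, 'admin', '$2y$10$fakehashfakehashfakehash');
"""

# Constructed attacker value for ?view=category&id=...
PAYLOAD = "2 UNION SELECT username, password FROM users"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def category_vulnerable(conn, id_param):
    """Builds the query by string concatenation, the pattern behind the CVE.
    Whatever arrives in ?id= becomes part of the SQL text."""
    sql = "SELECT id, title FROM faq_categories WHERE id = " + id_param
    return conn.execute(sql).fetchall()


def category_hardened(conn, id_param):
    """Validates id as an integer before it reaches SQL (the (int)$id /
    filter_var fix) and binds it as a parameter. Non-integers are rejected
    with ValueError, which a controller would turn into a 404."""
    try:
        cat_id = int(id_param)
    except (TypeError, ValueError):
        raise ValueError("id must be an integer")
    sql = "SELECT id, title FROM faq_categories WHERE id = ?"
    return conn.execute(sql, (cat_id,)).fetchall()


def run_demo():
    """Run both code paths against the same payload; returns what each yields."""
    conn = make_db()
    leaked = category_vulnerable(conn, PAYLOAD)  # includes the admin hash
    try:
        hardened = category_hardened(conn, PAYLOAD)
        rejected = False
    except ValueError:
        hardened, rejected = [], True
    return {"leaked": leaked, "hardened": hardened, "rejected": rejected}


if __name__ == "__main__":
    result = run_demo()
    print("vulnerable path returned:", result["leaked"])
    print("hardened path rejected payload:", result["rejected"])
```

Note that PHP's (int) cast truncates "2 UNION ..." to 2 instead of raising, so it silently serves category 2; filter_var with FILTER_VALIDATE_INT returns false and lets you reject the request outright. Either neutralises the injection, but explicit rejection also gives you a log line to alert on.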

Web Application Firewall Rule

Applies to: all platforms

Block requests to the FAQ component's view=category action whose id parameter is not a plain integer.

Add a WAF rule that URL-decodes the id parameter of requests carrying view=category and drops any value that is not purely numeric. An allow-list rule of this kind is more reliable than matching SQL keywords such as UNION or SELECT, which attackers can obfuscate with encoding, comments, or case changes.

🧯 If You Can't Patch

  • Disable or uninstall the JEXTN FAQ Pro extension immediately (Extensions > Manage > Manage, then disable or uninstall it)
  • Restrict access to the FAQ component's front-end URLs at the web server or reverse proxy, and limit network access to the affected site to trusted sources
  • Run the Joomla database user with least privilege so a successful injection cannot reach tables beyond those the site needs

🔍 How to Verify

Check if Vulnerable:

Check Joomla extensions list for JEXTN FAQ Pro version 4.0.0 in admin panel

Check Version:

Check Joomla admin panel: Extensions > Manage > Manage (then find JEXTN FAQ Pro)

Verify Fix Applied:

Verify JEXTN FAQ Pro version is 4.0.1 or higher in extensions manager

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax errors in Joomla or web server error logs, typically from probing with quotes or comment sequences
  • Repeated requests from one client with non-numeric or SQL-like values in the id parameter, often with scanner user agents
  • If database query logging is enabled: queries from the web application's database account against tables the FAQ component should never read, such as the Joomla users table

Network Indicators:

  • HTTP requests containing SQL keywords in id parameter
  • Requests to view=category with malicious id values

SIEM Query:

web.url:*view=category* AND (web.param.id:*SELECT* OR web.param.id:*UNION* OR web.param.id:*OR*1=1* OR web.param.id:*'* OR web.param.id:*--*)

The parentheses matter: without them the OR branches match any request containing those patterns regardless of the view. Make sure the id field is matched after URL decoding, since %20, %27 and similar encodings defeat literal keyword matches. A higher-fidelity rule is to alert on any view=category request whose decoded id is not purely numeric.
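As an added example, not part of the original page, the check behind both the WAF rule above and this SIEM query, run over constructed web-server access-log lines: parse each request, URL-decode the id parameter of view=category requests, and flag anything that is not a plain integer, labelling the hit with the SQL pattern found. The component name com_faq in the sample lines and the log format are assumptions; the real option= value for JEXTN FAQ Pro is not given on this page.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed combined-format access-log lines (not real traffic). The
# component name "com_faq" is an assumption; the page does not give the
# real option= value of JEXTN FAQ Pro.
SAMPLE_LOG = r"""
203.0.113.5 - - [12/Dec/2017:10:01:02 +0000] "GET /index.php?option=com_faq&view=category&id=3 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Dec/2017:10:01:07 +0000] "GET /index.php?option=com_faq&view=category&id=3%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 6000 "-" "sqlmap/1.1"
203.0.113.9 - - [12/Dec/2017:10:01:09 +0000] "GET /index.php?option=com_faq&view=category&id=3'%20OR%201%3D1--%20 HTTP/1.1" 500 0 "-" "sqlmap/1.1"
198.51.100.7 - - [12/Dec/2017:10:02:00 +0000] "GET /index.php?option=com_faq&view=category&id=(SELECT%20sleep(5)) HTTP/1.1" 200 5120 "-" "curl/7.55"
198.51.100.8 - - [12/Dec/2017:10:03:00 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# client, timestamp, method, URL, status from a combined-format line
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

# Keyword/character patterns only label a hit; the decision to flag rests on
# the id not being an integer, which is exactly what the code fix enforces.
SQLI_RE = re.compile(
    r"(?i)\bunion\b|\bselect\b|\bsleep\s*\(|\bbenchmark\s*\(|\bor\b\s+\S+\s*=|--|/\*|['\"]"
)


def classify_id(url):
    """Return (decoded id, reason) for a view=category request whose id is
    not a plain integer, or None if the request is benign or another view."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if qs.get("view", [""])[0] != "category":
        return None
    for raw in qs.get("id", []):
        value = unquote_plus(raw)  # second decode catches double-encoded payloads
        if re.fullmatch(r"\s*-?\d+\s*", value):
            continue
        m = SQLI_RE.search(value)
        reason = f"sqli pattern {m.group(0)!r}" if m else "non-integer id"
        return value, reason
    return None


def find_suspicious(log_text):
    """Scan access-log text; return one dict per suspicious category request."""
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        client, when, method, url, status = m.groups()
        verdict = classify_id(url)
        if verdict:
            value, reason = verdict
            hits.append({"client": client, "time": when, "method": method,
                         "status": int(status), "id": value, "reason": reason})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE_LOG):
        print(hit)
```

The fourth sample line shows why the allow-list check matters: a time-based probe such as (SELECT sleep(5)) returns HTTP 200 with a normal-sized response, so status-code or error-log monitoring alone would miss it, while the non-integer id is unambiguous.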
