CVE-2020-20473

7.5 HIGH

📋 TL;DR

White Shark System (WSS) 1.3.2 contains a SQL injection vulnerability in multiple PHP files that fail to properly filter the 'sort' parameter. Remote attackers can exploit this to extract sensitive database information. Organizations running WSS 1.3.2 are affected.

💻 Affected Systems

Products:
  • White Shark System (WSS)
Versions: 1.3.2
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default installation. Affects control_task.php, control_project.php, and default_user.php files.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including user credentials, sensitive project data, and system configuration information leading to full system takeover.

🟠 Likely Case

Extraction of database contents including user information, project details, and potentially authentication data.

🟢 If Mitigated

Limited or no data exposure if proper input validation and parameterized queries are implemented.

🌐 Internet-Facing: HIGH - Remote attackers can exploit this vulnerability without authentication.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this but external threat is reduced.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept available on GitHub. SQL injection via sort parameter is straightforward to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch available. Implement input validation and parameterized queries in affected PHP files.

🔧 Temporary Workarounds

Input Validation for Sort Parameter

all

Modify the affected PHP files so that the sort parameter is validated against a whitelist of allowed values and any other value is rejected.

Web Application Firewall (WAF)

all

Deploy WAF with SQL injection protection rules

🧯 If You Can't Patch

  • Isolate WSS system from internet access
  • Implement strict network segmentation and monitor for SQL injection attempts

🔍 How to Verify

Check if Vulnerable:

Check whether the WSS version is 1.3.2 and examine how control_task.php, control_project.php, and default_user.php handle the sort parameter.

Check Version:

Check WSS configuration files or admin panel for version information

Verify Fix Applied:

Test sort parameter with SQL injection payloads to ensure proper filtering

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple requests with SQL-like patterns in sort parameter

Network Indicators:

  • HTTP requests containing SQL keywords in sort parameter
  • Unusual database connection patterns

SIEM Query:

http.uri contains "sort=" AND (http.uri contains "UNION" OR http.uri contains "SELECT" OR http.uri contains "INSERT" OR http.uri contains "DELETE")
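
The query above matches keywords in the raw URI, so percent-encoded values slip past it, as do mixed-case keywords where the match is case-sensitive. The following added example (not part of the original advisory or of WSS) decodes the sort parameter from web access log lines and flags any value that is not a plain column name. It assumes combined-format logs and that legitimate sort values look like `name` or `id desc`; the log lines and request paths are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: a legitimate sort value is a bare column name, optionally
# followed by a direction. Tighten this to the values your deployment sends.
BENIGN_SORT = re.compile(r"[A-Za-z0-9_.]+(\s+(asc|desc))?", re.IGNORECASE)
# Request line inside a combined-format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /control_task.php?sort=name HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2024:10:00:01 +0000] "GET /control_project.php?sort=id+desc HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:02 +0000] "GET /default_user.php?sort=id%20UnIoN%20SeLeCt%201 HTTP/1.1" 200 512',
    '203.0.113.9 - - [01/Jan/2024:10:00:03 +0000] "GET /control_task.php?sort=%28sElEcT%201%29 HTTP/1.1" 200 512',
]

def suspicious_sort(log_line):
    """Return the decoded sort value if it is not a plain column name, else None."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    query = urlsplit(m.group(1)).query
    # parse_qs percent-decodes values and turns '+' into a space.
    for value in parse_qs(query).get("sort", []):
        if not BENIGN_SORT.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_sort_value) for every flagged line."""
    hits = []
    for line in lines:
        value = suspicious_sort(line)
        if value is not None:
            hits.append((line.split()[0], value))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"ALERT {ip} sort={value!r}")
```

Parameters sent in a POST body do not appear in access logs, so this check only covers the query string.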
