CVE-2020-28087

7.5 HIGH

📋 TL;DR

This SQL injection vulnerability in jeecg-boot CMS lets an attacker execute arbitrary SQL through the /jeecg-boot/sys/dict/loadTreeData endpoint, because request parameters reach the query unescaped. An attacker can read, modify, or delete data in the application's database. jeecg-boot version 2.3 is affected.

💻 Affected Systems

Products:
  • jeecg-boot CMS
Versions: 2.3
Operating Systems: All platforms running jeecg-boot
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default configuration of the affected version.

📦 What is this software?

jeecg-boot is an open-source Java low-code development platform built on Spring Boot and MyBatis-Plus with a Vue front end. The /sys/dict/loadTreeData endpoint belongs to its system dictionary module, which loads tree-structured dictionary data from database tables for the UI.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise: data exfiltration, data manipulation, privilege escalation within the application, and, depending on the database account's privileges (file write, command execution features), potential takeover of the host.

🟠

Likely Case

Unauthorized access to sensitive data stored in the database, potentially including user credentials, personal information, and system configuration.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database permission restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited and tools exist for automated exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: A release later than 2.3 (confirm the exact fixed version against the vendor advisory below)

Vendor Advisory: https://github.com/zhangdaiscott/jeecg-boot/issues/1887

Restart Required: Yes

Instructions:

1. Upgrade jeecg-boot to a release later than 2.3 that contains the fix.
2. If an immediate upgrade is not possible, backport the change referenced in the GitHub issue so that loadTreeData parameters no longer reach the SQL unescaped.
3. Restart the application server.
4. Verify the fix by testing the endpoint (see How to Verify).

🔧 Temporary Workarounds

Input Validation Filter (applies to: all platforms)

Validate the loadTreeData request parameters in the affected Java controller before they are used to build the query. Prefer an allowlist of the exact value shapes each parameter may take (identifier-shaped strings, integers) over rejecting "dangerous" characters: a denylist is bypassed by payloads that need no quotes or comment markers, such as 1 OR 1=1 in a numeric position.

WAF Rule (applies to: all platforms)

Deploy a web application firewall with SQL injection detection rules, and configure it to block requests to /jeecg-boot/sys/dict/loadTreeData whose parameters contain SQL injection patterns. This is a stop-gap: signatures reduce exposure but do not remove the flaw.
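The contrast between the two validation approaches above, as an added example that is not code from this advisory or from the jeecg-boot project. The parameter kinds and payloads are constructed for illustration; the real controller's parameter names and types are not given on this page.

```python
"""Added example (not jeecg-boot code): a character denylist versus an
allowlist check for the kinds of values a tree-loading endpoint takes.
Parameter kinds and payloads are constructed for the example."""
import re

# Naive workaround: reject "dangerous" characters in every parameter value.
DENYLIST = set("'\";--/*")


def denylist_ok(value: str) -> bool:
    """True if the value contains none of the denylisted characters."""
    return not any(ch in DENYLIST for ch in value)


# Allowlist: values that become identifiers must look like identifiers,
# values that become numbers must be numbers. Nothing else is accepted.
IDENTIFIER_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]{0,63}$")
INTEGER_RE = re.compile(r"^-?[0-9]{1,18}$")


def allowlist_ok(kind: str, value: str) -> bool:
    """True if the value matches the shape allowed for its parameter kind."""
    if kind == "identifier":
        return IDENTIFIER_RE.fullmatch(value) is not None
    if kind == "integer":
        return INTEGER_RE.fullmatch(value) is not None
    raise ValueError(f"unknown parameter kind: {kind}")


# Constructed test inputs: (parameter kind, value).
PAYLOADS = {
    "benign_id": ("identifier", "demo_table"),
    "benign_int": ("integer", "42"),
    "quoted": ("identifier", "x' OR '1'='1"),
    # No quotes, no comment markers: passes the denylist but still injects
    # when the value lands in a numeric or identifier position.
    "unquoted_or": ("integer", "1 OR 1=1"),
    "ident_with_space": ("identifier", "demo_table WHERE 1=1"),
}


def evaluate() -> dict:
    """Map payload name -> (denylist verdict, allowlist verdict)."""
    return {name: (denylist_ok(value), allowlist_ok(kind, value))
            for name, (kind, value) in PAYLOADS.items()}


if __name__ == "__main__":
    for name, verdict in evaluate().items():
        print(f"{name:18} denylist={verdict[0]!s:5} allowlist={verdict[1]}")
```

The two unquoted payloads are the point: the denylist lets them through, the allowlist does not. A denylist also breaks legitimate values that happen to contain a hyphen or slash, which is why it tends to get loosened over time.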

🧯 If You Can't Patch

  • Block external access to the vulnerable endpoint using network ACLs, firewall rules, or a reverse-proxy deny rule for /jeecg-boot/sys/dict/loadTreeData.
  • Apply database-level controls: run the application with a database account limited to the tables and statements it needs, with no FILE, DDL, or administrative privileges, so that a successful injection cannot escalate beyond the application's own data.

🔍 How to Verify

Check if Vulnerable:

Send a request to /jeecg-boot/sys/dict/loadTreeData with a single quote appended to a parameter value (or a payload such as ' OR '1'='1) and compare the response with a baseline request. A database error in the response, or a response that changes with the truth of an injected condition, shows the parameter reaches the SQL unescaped. Only test systems you are authorised to test.

Check Version:

Check the jeecg-boot version in the project's pom.xml (the project version element) or in the running application's configuration; 2.3 is affected.

Verify Fix Applied:

Repeat the same probes against the patched endpoint and confirm that quoted or otherwise malformed values are rejected (a 4xx validation response) rather than executed, and that no database error text appears in responses.
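A small checker for the verification steps above, as an added example that is not code from this advisory or from the jeecg-boot project. It combines an error-based signal (database error text in the response to a lone quote) with a boolean-based one (an always-true condition reproduces the baseline response while an always-false one changes it). The parameter name PARAM_NAME is a placeholder, not the real parameter from the controller, and the boolean probes assume the value lands in a string literal; an "inconclusive" result is not proof of safety.

```python
"""Added example (not from the advisory or jeecg-boot): probe the
loadTreeData endpoint for error-based and boolean-based SQL injection.
PARAM_NAME is a placeholder; substitute the controller's real parameter."""
import re
import urllib.error
import urllib.parse
import urllib.request

ENDPOINT = "/jeecg-boot/sys/dict/loadTreeData"
PARAM_NAME = "param"  # placeholder name, not the real parameter

# Fragments of JDBC / MyBatis / database error text that a leaking
# stack trace typically contains.
SQL_ERROR_RE = re.compile(
    r"(You have an error in your SQL syntax|SQLSyntaxErrorException|"
    r"BadSqlGrammarException|ORA-\d{5}|syntax error at or near)",
    re.IGNORECASE,
)


def probe_values(benign: str) -> dict:
    """The four values sent for one parameter: baseline, lone quote,
    always-true and always-false string-context conditions."""
    return {
        "baseline": benign,
        "quote": benign + "'",
        "cond_true": benign + "' AND '1'='1",
        "cond_false": benign + "' AND '1'='2",
    }


def looks_like_sql_error(body: str) -> bool:
    """True if the response body carries a recognisable database error."""
    return SQL_ERROR_RE.search(body) is not None


def classify(baseline, quote, cond_true, cond_false) -> str:
    """Each argument is (status_code, body). Returns 'error-based',
    'boolean-based', 'rejected' or 'inconclusive'."""
    if looks_like_sql_error(quote[1]):
        return "error-based"      # the quote reached the SQL parser
    if baseline[0] < 400 and quote[0] >= 400 and cond_true[0] >= 400:
        return "rejected"         # input validation refused the probes
    if cond_true[1] == baseline[1] and cond_false[1] != baseline[1]:
        return "boolean-based"    # the condition was evaluated by the DB
    return "inconclusive"         # not proof of safety (blind/timing cases)


def fetch(base_url: str, value: str, timeout: float = 10.0):
    """GET the endpoint with one parameter value; return (status, body)."""
    query = urllib.parse.urlencode({PARAM_NAME: value})
    url = f"{base_url}{ENDPOINT}?{query}"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", "replace")


def check(base_url: str, benign: str = "1") -> str:
    """Run the four probes against a live instance (authorised testing only)."""
    resp = {k: fetch(base_url, v) for k, v in probe_values(benign).items()}
    return classify(resp["baseline"], resp["quote"],
                    resp["cond_true"], resp["cond_false"])


if __name__ == "__main__":
    import sys
    print(check(sys.argv[1].rstrip("/")))
```

Run it as `python3 check.py https://host` against a lab instance before and after patching: "error-based" or "boolean-based" means the parameter is injectable, "rejected" is what a validating fix should produce.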

📡 Detection & Monitoring

Log Indicators:

  • Database error entries or SQL syntax exceptions in the application log that originate from the dictionary tree query
  • Requests to the loadTreeData endpoint whose parameters contain quotes, comment markers, or SQL keywords (UNION, SELECT, SLEEP, BENCHMARK, information_schema)

Network Indicators:

  • SQL error messages or Java stack traces in HTTP responses from the endpoint
  • Bursts of requests to the loadTreeData endpoint from one source with varying parameter values, or a rising 500-response rate on that path

SIEM Query:

Illustrative Splunk-style search; adjust field names (uri, query, status) to your log schema:

source="web_logs" uri="/jeecg-boot/sys/dict/loadTreeData" (query="*'*" OR query="*--*" OR query="*UNION*" OR query="*SLEEP(*" OR status=500)
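The same detection logic run over access-log lines, as an added example that is not part of this advisory. The log lines are constructed for the example (combined-log style; the parameter names t and id are invented, not the endpoint's real parameters), and the indicator regex is a starting point to tune against your own traffic.

```python
"""Added example (not from the advisory): scan access logs for SQL
injection attempts against the loadTreeData endpoint. SAMPLE_LOG and
its parameter names are constructed for this example."""
import re
import urllib.parse
from collections import Counter

ENDPOINT = "/jeecg-boot/sys/dict/loadTreeData"

# Combined/Apache-style access log line.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)

# Indicators checked against the URL-decoded query string.
SQLI_RE = re.compile(
    r"('|\"|--|/\*|\bunion\b|\bselect\b|\bor\b\s+\S+\s*=|"
    r"\bsleep\s*\(|\bbenchmark\s*\(|information_schema)",
    re.IGNORECASE,
)

# Constructed sample: one benign request, three attempts, one unrelated path.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Nov/2020:13:01:02 +0000] "GET /jeecg-boot/sys/dict/loadTreeData?t=demo&id=1 HTTP/1.1" 200 512
203.0.113.7 - - [10/Nov/2020:13:01:09 +0000] "GET /jeecg-boot/sys/dict/loadTreeData?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9812
203.0.113.7 - - [10/Nov/2020:13:01:15 +0000] "GET /jeecg-boot/sys/dict/loadTreeData?id=1%20UNION%20SELECT%20username%2Cpassword%20FROM%20users HTTP/1.1" 500 233
203.0.113.7 - - [10/Nov/2020:13:01:20 +0000] "GET /jeecg-boot/sys/dict/loadTreeData?id=1%20AND%20SLEEP(5) HTTP/1.1" 200 512
10.0.0.5 - - [10/Nov/2020:13:02:00 +0000] "GET /jeecg-boot/sys/user/list HTTP/1.1" 200 2048
"""


def parse(line: str):
    """Parse one access-log line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    path, _, query = rec["path"].partition("?")
    rec["path"] = path
    rec["query"] = urllib.parse.unquote_plus(query)  # decode before matching
    rec["status"] = int(rec["status"])
    return rec


def find_attempts(log_text: str) -> list:
    """Return the records for the target endpoint that carry an indicator."""
    hits = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec["path"].lower() != ENDPOINT.lower():
            continue
        m = SQLI_RE.search(rec["query"])
        if m:
            rec["indicator"] = m.group(0)
            hits.append(rec)
    return hits


def summarize(hits: list) -> Counter:
    """Count attempts per source IP, the figure to alert or block on."""
    return Counter(h["ip"] for h in hits)


if __name__ == "__main__":
    for h in find_attempts(SAMPLE_LOG):
        print(h["ts"], h["ip"], h["status"], repr(h["indicator"]), h["query"])
    print(summarize(find_attempts(SAMPLE_LOG)))
```

Decoding the query string before matching matters: the same payloads arrive percent-encoded, and a rule that only sees `%27` misses them. Pair the per-IP count with the 500-status spike on the same path to separate scanning from a single odd request.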

🔗 References

  • Vendor issue tracking the fix: https://github.com/zhangdaiscott/jeecg-boot/issues/1887