CVE-2021-45821

8.8 HIGH

📋 TL;DR

CVE-2021-45821 is a blind SQL injection in the sid parameter of ajaxchat/getHistoryChatData.php in Xbtit 3.1. Any registered (authenticated) user can inject into the query and extract database contents, such as usernames and password hashes, by boolean- or time-based inference, since the endpoint returns no query output or error text. Escalation to remote code execution is possible only if the database account has extra privileges (for example, the ability to write files), so it is a worst-case outcome rather than a given. All Xbtit 3.1 installations that still ship the vulnerable file are affected.

💻 Affected Systems

Products:
  • Xbtit
Versions: 3.1
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the ajaxchat/getHistoryChatData.php file to be present and accessible to registered users.

📦 What is this software?

Xbtit is an open-source PHP/MySQL BitTorrent tracker with a web front end for managing torrents and users. The ajaxchat module provides its built-in site chat, and getHistoryChatData.php is the script the browser calls to load chat history for a given sid.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full read access to the Xbtit database (users, password hashes, passkeys, configuration), leading to admin account takeover, and remote code execution on the web server if the database account can write files into the web root (for example, MySQL FILE privilege with INTO OUTFILE).

🟠

Likely Case

Extraction of sensitive user data, including usernames and password hashes, by automated blind injection, potentially enabling account takeover once hashes are cracked.

🟢

If Mitigated

If sid is validated as an integer and passed to the query as a bound parameter, the injection is closed; a least-privilege database account (no FILE privilege, no access to other schemas) limits what any residual injection could reach.

🌐 Internet-Facing: HIGH - Web applications accessible from the internet are directly exploitable by authenticated attackers.
🏢 Internal Only: MEDIUM - Internal users with valid credentials can exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires a valid user account. The injection is blind (no query output or error text is returned), so data is extracted by boolean or time-based inference; the technique is well documented in the public references and is straightforward to automate.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch exists. Remove or secure the vulnerable file manually.

🔧 Temporary Workarounds

Remove vulnerable file

linux

Delete ajaxchat/getHistoryChatData.php if the chat module is not needed, or deny web access to it in the web-server configuration. Either option disables chat history loading.

rm /path/to/xbtit/ajaxchat/getHistoryChatData.php

Implement input validation

all

Add parameter sanitization for the sid parameter

Edit getHistoryChatData.php to validate sid as integer
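The workaround above asks for sid to be validated as an integer. The following is an added example, not Xbtit's own code: a hypothetical reconstruction of the vulnerable pattern beside a hardened replacement, run against an in-memory SQLite database via PDO so it executes offline. Table and column names (chat_history, sid, msg, users, password) are assumptions; the real file will differ, but the fix (integer check plus bound parameter) is the same on the app's MySQL connection. The script also runs two boolean-based blind probes to show how the vulnerable form leaks data through response differences alone. It needs the pdo_sqlite and ctype extensions, which are normally present.

```php
<?php
// Added example (not Xbtit's code). Hypothetical schema; names are assumptions.
// Uses an in-memory SQLite database via PDO so the script runs offline.

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE chat_history (id INTEGER PRIMARY KEY, sid INTEGER, msg TEXT)');
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)');
$db->exec("INSERT INTO chat_history (sid, msg) VALUES (1, 'hello'), (1, 'world'), (2, 'private')");
$db->exec("INSERT INTO users (username, password) VALUES ('admin', '5f4dcc3b5aa765d61d8327deb882cf99')");

// VULNERABLE pattern: the raw request value is interpolated into the SQL text,
// so a single quote in sid closes the literal and the rest is parsed as SQL.
function getHistoryVulnerable(PDO $db, string $sid): array
{
    $sql = "SELECT msg FROM chat_history WHERE sid = '$sid'";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// HARDENED: accept only a plain non-negative integer, then bind it as a
// parameter. Binding alone closes the injection; the integer check is
// defence in depth (and gives a clean 400 instead of a database error).
// If the real sid is not numeric in Xbtit, drop the ctype_digit check and
// bind the string as-is; the bound parameter is what prevents injection.
function getHistoryHardened(PDO $db, string $sid): array
{
    if (!ctype_digit($sid)) {
        throw new InvalidArgumentException('sid must be an integer');
    }
    $stmt = $db->prepare('SELECT msg FROM chat_history WHERE sid = ?');
    $stmt->execute([(int) $sid]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Boolean-based blind probes: both are requests for sid 1, but the appended
// condition is true only when the first character of the admin password hash
// is '5'. Comparing the two responses (2 rows vs 0 rows) leaks one character
// without any error text ever being shown; repeat per position to recover it.
$probeTrue  = "1' AND substr((SELECT password FROM users WHERE username='admin'),1,1)='5";
$probeFalse = "1' AND substr((SELECT password FROM users WHERE username='admin'),1,1)='6";

foreach (['1', $probeTrue, $probeFalse] as $input) {
    $vulnRows = count(getHistoryVulnerable($db, $input));
    try {
        $hardResult = count(getHistoryHardened($db, $input)) . ' row(s)';
    } catch (InvalidArgumentException $e) {
        $hardResult = 'rejected (' . $e->getMessage() . ')';
    }
    printf("sid=%s\n  vulnerable: %d row(s)\n  hardened:   %s\n", $input, $vulnRows, $hardResult);
}
```

Running it shows the legitimate sid=1 returning 2 rows from both functions, the "true" probe returning 2 rows from the vulnerable function and the "false" probe returning 0, while the hardened function rejects both probes before they reach the database. That 2-vs-0 difference is the entire signal a blind attacker needs.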

🧯 If You Can't Patch

  • Add a web application firewall rule for getHistoryChatData.php that rejects any sid value that is not a plain integer; keyword-only rules (UNION, SELECT, SLEEP) miss boolean-based blind payloads
  • Restrict network access to the Xbtit installation to trusted users only, and tighten user registration so that the required account is harder to obtain

🔍 How to Verify

Check if Vulnerable:

Confirm that ajaxchat/getHistoryChatData.php exists in the Xbtit installation and that the sid request parameter ($_GET['sid'], $_POST['sid'] or $_REQUEST['sid']) is concatenated into the SQL string without an integer cast, escaping, or a prepared statement.

Check Version:

Check Xbtit version in configuration files or admin panel.

Verify Fix Applied:

Confirm that the file has been removed (or returns 403/404 when requested), or that sid is now validated as an integer and passed to the query as a bound parameter rather than interpolated into the SQL string.

📡 Detection & Monitoring

Log Indicators:

  • Queries against the chat history table containing SLEEP(), BENCHMARK(), subselects against the users table, or conditional expressions in the sid comparison (visible in the MySQL general query log if it is enabled)
  • Bursts of requests to getHistoryChatData.php from one account or IP with many different sid values, which is the signature of automated blind extraction

Network Indicators:

  • HTTP GET requests to ajaxchat/getHistoryChatData.php whose sid parameter contains quotes, SQL keywords or conditional expressions (often URL-encoded, e.g. %27 for a quote). POST bodies are not recorded in standard access logs, so POST-based attempts need request-body logging or a WAF to be seen.

SIEM Query:

source="web_logs" AND uri="/ajaxchat/getHistoryChatData.php" AND (query CONTAINS "UNION" OR query CONTAINS "SELECT" OR query CONTAINS "SLEEP")

Match these keywords case-insensitively and after URL decoding (payloads arrive as %27, %20 and so on). Boolean-based blind payloads such as 1' AND '1'='1 contain none of these keywords, so a more reliable rule is to alert on any request to getHistoryChatData.php whose sid value is not a plain integer.
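As an added example (not from the original page), the detection logic above applied to access-log lines: each request to ajaxchat/getHistoryChatData.php is parsed, the sid parameter is URL-decoded, and the line is flagged if sid is anything other than a plain integer. The log lines are constructed for illustration in Apache/Nginx "combined" format and are not real traffic; the path and parameter name come from the advisory.

```php
<?php
// Added example (not from the original page). Scans constructed access-log
// lines for suspicious sid values sent to ajaxchat/getHistoryChatData.php.
// Flags any sid that is not a plain integer after URL decoding, so blind
// payloads with no SQL keyword (e.g. 1' AND '1'='1) are caught as well.

function extractSid(string $line): ?string
{
    // Pull the request target out of the quoted "METHOD /path?query HTTP/x" field.
    if (!preg_match('#"(?:GET|POST) (\S+) HTTP/#', $line, $m)) {
        return null;
    }
    $url = $m[1];
    if (stripos($url, 'ajaxchat/getHistoryChatData.php') === false) {
        return null;
    }
    $query = parse_url($url, PHP_URL_QUERY);
    if ($query === null || $query === false) {
        return null;
    }
    parse_str($query, $params);   // parse_str URL-decodes the values
    return isset($params['sid']) ? (string) $params['sid'] : null;
}

function isSuspiciousSid(?string $sid): bool
{
    // Legitimate requests carry a bare integer; anything else is a probe.
    return $sid !== null && !ctype_digit($sid);
}

function scanLog(array $lines): array
{
    $hits = [];
    foreach ($lines as $n => $line) {
        $sid = extractSid($line);
        if (isSuspiciousSid($sid)) {
            $hits[] = ['line' => $n + 1, 'sid' => $sid];
        }
    }
    return $hits;
}

// Constructed sample log lines (not real traffic).
$sampleLog = [
    '10.0.0.5 - - [10/Jan/2022:10:00:01 +0000] "GET /ajaxchat/getHistoryChatData.php?sid=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.5 - - [10/Jan/2022:10:00:02 +0000] "GET /ajaxchat/getHistoryChatData.php?sid=1%27%20AND%20%271%27%3D%271 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [10/Jan/2022:10:00:03 +0000] "GET /ajaxchat/getHistoryChatData.php?sid=1%27%20AND%20SLEEP(5)--%20- HTTP/1.1" 200 12 "-" "python-requests/2.26"',
    '10.0.0.9 - - [10/Jan/2022:10:00:04 +0000] "GET /index.php?page=torrents HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
];

foreach (scanLog($sampleLog) as $hit) {
    printf("line %d: suspicious sid=%s\n", $hit['line'], $hit['sid']);
}
```

On the sample input, lines 2 and 3 are flagged (the decoded sid values are 1' AND '1'='1 and 1' AND SLEEP(5)-- -), while the legitimate sid=1 request and the unrelated index.php request are ignored. Because the rule keys on the parameter's shape rather than on keywords, the boolean-only payload on line 2 is caught even though it would slip past the keyword-based SIEM query. POST bodies do not appear in these logs, so this only covers GET-based attempts.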
