CVE-2021-47846
📋 TL;DR
CVE-2021-47846 is a critical SQL injection vulnerability in Digital Crime Report Management System 1.0 that allows unauthenticated attackers to bypass authentication on multiple login pages. Organizations using this software for law enforcement or crime reporting are affected.
💻 Affected Systems
- Digital Crime Report Management System
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise allowing attackers to access sensitive crime data, modify reports, escalate privileges, or execute arbitrary code on the database server.
Likely Case
Unauthorized access to the system with ability to view, modify, or delete sensitive crime report data and user information.
If Mitigated
Limited impact with proper input validation and database permissions preventing data exfiltration or system compromise.
🎯 Exploit Status
Exploit code is publicly available on Exploit-DB and other sources. Simple SQL injection payloads can bypass authentication on police, incharge, user, and HQ login endpoints.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: None found
Restart Required: No
Instructions:
No official patch available. Consider migrating to a different system or implementing custom fixes with parameterized queries and input validation.
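The parameterized-query fix recommended above, as an added example (not code from Digital Crime Report Management System or its vendor). The `users` table, its columns and both function names are hypothetical, and the in-memory SQLite database assumes the `pdo_sqlite` extension is available. The concatenated query accepts the payload quoted on this page, while the prepared statement treats the same input as data and rejects it.

```php
<?php
// Added example: schema and function names are hypothetical, not the project's own.
$pdo = new PDO('sqlite::memory:');   // in-memory database so the demo runs offline
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, password_hash TEXT)');

// Constructed sample account.
$ins = $pdo->prepare('INSERT INTO users (email, password_hash) VALUES (?, ?)');
$ins->execute(['officer@example.test', password_hash('correct horse', PASSWORD_DEFAULT)]);

// Vulnerable pattern (the bug class this CVE describes): input concatenated into SQL,
// so quote characters in the input change the structure of the WHERE clause.
function login_vulnerable(PDO $pdo, string $email, string $password): bool {
    $sql = "SELECT id FROM users WHERE email = '$email' AND password_hash = '$password'";
    return $pdo->query($sql)->fetch() !== false;
}

// Hardened form: the placeholder binds the email strictly as a value, and the
// password is never placed in SQL; it is checked against the stored hash.
function login_safe(PDO $pdo, string $email, string $password): bool {
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE email = ?');
    $stmt->execute([$email]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

$probe = "' OR '1'='1";   // payload quoted in the verification step on this page
var_dump(login_vulnerable($pdo, $probe, $probe));                      // concatenated query
var_dump(login_safe($pdo, $probe, $probe));                            // prepared statement
var_dump(login_safe($pdo, 'officer@example.test', 'correct horse'));   // legitimate login
```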
🔧 Temporary Workarounds
Web Application Firewall (WAF)
Platform: all
Deploy a WAF with SQL injection protection rules to block malicious payloads
Input Validation Filter
Platform: linux
Implement custom input validation for email and password parameters
// PHP example: filter_var($email, FILTER_VALIDATE_EMAIL);
// PHP example: preg_match('/^[a-zA-Z0-9@._-]+$/', $password);
🧯 If You Can't Patch
- Isolate the system behind a VPN or restrict access to trusted IP addresses only
- Implement strong authentication before the vulnerable login pages (e.g., client certificate authentication)
🔍 How to Verify
Check if Vulnerable:
Test login endpoints with SQL injection payloads like ' OR '1'='1 in email and password fields
Check Version:
Check application files for version information, typically in config.php or readme files
Verify Fix Applied:
Attempt SQL injection attacks after implementing fixes - successful authentication bypass indicates vulnerability still exists
📡 Detection & Monitoring
Log Indicators:
- Multiple failed login attempts with SQL keywords
- Successful logins from unusual IP addresses
- Login attempts with special characters in email/password fields
Network Indicators:
- HTTP POST requests to login endpoints containing SQL keywords
- Unusual traffic patterns to /login.php or similar endpoints
SIEM Query:
source="web_logs" AND (uri_path="*login*" OR uri_path="*auth*") AND (http_method="POST") AND (request_body MATCHES "(?i)(\b(union|select|or|and)\b|'|--|#|;)")