CVE-2022-23365

9.8 CRITICAL

📋 TL;DR

CVE-2022-23365 is a critical SQL injection vulnerability in HMS v1.0's doctorlogin.php that allows attackers to execute arbitrary SQL commands. This affects all systems running the vulnerable HMS version, potentially compromising patient data and system integrity.

💻 Affected Systems

Products:
  • HMS (Hospital Management System)
Versions: v1.0
Operating Systems: Any OS running PHP with MySQL/MariaDB
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations of HMS v1.0 regardless of configuration. The vulnerability is in the source code itself.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, authentication bypass, remote code execution, and full system takeover.

🟠 Likely Case: Unauthorized access to patient records, modification of medical data, and potential privilege escalation within the HMS system.

🟢 If Mitigated: Limited impact with proper input validation and database permissions, potentially limited to error messages or minor data exposure.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is typically exposed for doctor login functionality.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit this if they have network access to the HMS system.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via doctorlogin.php parameter manipulation requires no authentication. Public discussion includes exploitation details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch exists. Replace vulnerable code with parameterized queries or prepared statements in doctorlogin.php.
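The fix described above, shown as an added example rather than HMS's own doctorlogin.php code: the concatenation pattern that makes a login query injectable, next to a prepared-statement replacement. The form field names, the `doctors` table and its columns, and the `$conn` mysqli connection are assumptions, not taken from the project.

```php
<?php
// Added example, not HMS code. Assumptions: the login form posts 'username'
// and 'password'; the table is `doctors` with columns `id`, `username`,
// `password_hash`; $conn is a mysqli connection opened elsewhere; the
// mysqlnd driver is available (needed for get_result()).

// Vulnerable pattern: request values are pasted into the SQL string, so a
// value containing a quote rewrites the WHERE clause instead of matching it.
function doctorLoginVulnerable(mysqli $conn, string $username, string $password): ?array
{
    $sql = "SELECT id, username FROM doctors "
         . "WHERE username = '$username' AND password = '$password'";
    $result = $conn->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// Hardened version: the query text is fixed at prepare time and the username
// travels as a bound parameter, so it can only ever be compared as data.
// The password is checked against a stored hash in PHP, not inside the query.
function doctorLoginSafe(mysqli $conn, string $username, string $password): ?array
{
    $stmt = $conn->prepare(
        'SELECT id, username, password_hash FROM doctors WHERE username = ? LIMIT 1'
    );
    if ($stmt === false) {
        return null; // prepare failed: treat as login failure, log server-side
    }
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();

    if (!$row || !password_verify($password, $row['password_hash'])) {
        return null; // unknown user or wrong password: same response for both
    }
    unset($row['password_hash']);
    return $row;
}

// Usage inside doctorlogin.php (assumed field names):
// $doctor = doctorLoginSafe($conn, $_POST['username'] ?? '', $_POST['password'] ?? '');
// if ($doctor === null) { /* reject login */ }
```

Stored hashes should be produced with password_hash() at account creation; if the existing schema stores plaintext passwords, migrating them is part of the same fix.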

🔧 Temporary Workarounds

Web Application Firewall (WAF)
Applies to: all

Deploy a WAF with SQL injection protection rules to block exploitation attempts.

Input Validation
Applies to: all

Implement strict input validation and sanitization for all parameters in doctorlogin.php.

🧯 If You Can't Patch

  • Isolate the HMS system from internet access and restrict to internal network only.
  • Implement network segmentation and strict access controls to limit who can reach the vulnerable endpoint.

🔍 How to Verify

Check if Vulnerable:

Check if the HMS version is 1.0 and examine doctorlogin.php for SQL queries that concatenate request parameters directly into the query string. Test with SQL injection payloads like ' OR '1'='1.

Check Version:

Check version in HMS configuration files or about page. For PHP systems: grep -r "version" /path/to/hms/ or check config files.

Verify Fix Applied:

Verify that parameterized queries or prepared statements are used in doctorlogin.php and test with SQL injection payloads.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts with SQL syntax
  • Error messages containing SQL syntax in web server logs

Network Indicators:

  • HTTP POST requests to doctorlogin.php with SQL keywords in parameters
  • Unusual database connection patterns from web server

SIEM Query:

source="web_logs" AND uri="*doctorlogin.php*" AND (param="*' OR*" OR param="*UNION*" OR param="*SELECT*" OR param="*--*" OR param="*;*" OR param="*/*")
