CVE-2022-31941

9.8 CRITICAL

📋 TL;DR

CVE-2022-31941 is a critical SQL injection vulnerability in Rescue Dispatch Management System v1.0 that allows attackers to execute arbitrary SQL commands via the 'id' parameter in the user management page. This affects all organizations using this specific software version. Attackers can potentially access, modify, or delete database contents.

💻 Affected Systems

Products:
  • Rescue Dispatch Management System
Versions: v1.0
Operating Systems: Any OS running the web application
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and requires no special configuration to be exploitable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, data destruction, authentication bypass, and potential remote code execution if database functions allow it.

🟠 Likely Case: Unauthorized access to sensitive user data, system configuration, and potential privilege escalation to administrative accounts.

🟢 If Mitigated: Limited impact with proper input validation, parameterized queries, and database permissions restricting damage to non-critical data.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authentication to access the admin panel, but SQL injection payloads are simple to craft once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Implement parameterized queries in the affected PHP files, specifically in the user management functionality.
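The following is an added example of what "parameterized queries" means for this bug; it is not code from Rescue Dispatch Management System. The table name users, the column id, the $pdo connection details and the assumption that valid ids start at 1 are all assumptions.

```php
<?php
// Added example, not the project's own code. Table/column names and the
// connection settings below are assumptions.

// Insecure pattern (illustrative): the id value becomes part of the SQL text,
// so any non-numeric content changes the query itself. Do not use.
function loadUserInsecure(PDO $pdo, string $id): ?array
{
    $sql = "SELECT * FROM users WHERE id = '" . $id . "'";
    $row = $pdo->query($sql)->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened version: validate the type first, then bind the value as a
// parameter so it is sent separately from the SQL text.
function loadUser(PDO $pdo, $rawId): ?array
{
    // Reject anything that is not a positive integer before it reaches SQL.
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        exit('Invalid input');
    }
    $stmt = $pdo->prepare('SELECT * FROM users WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Usage in the manage_user page (assumed DSN and credentials).
$pdo = new PDO('mysql:host=localhost;dbname=rdms', 'dbuser', 'dbpass', [
    PDO::ATTR_ERRMODE          => PDO::ERRMODE_EXCEPTION,
    PDO::ATTR_EMULATE_PREPARES => false, // real server-side prepared statements
]);
$user = loadUser($pdo, $_GET['id'] ?? '');
```

Setting ATTR_EMULATE_PREPARES to false makes the driver send the statement and the bound value to the server separately instead of interpolating client-side; the integer validation on its own would already close the 'id' injection.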

🔧 Temporary Workarounds

Web Application Firewall (WAF)

Applies to: all

Deploy a WAF with SQL injection rules to block malicious payloads targeting the vulnerable endpoint.

Input Validation Filter

Applies to: all

Implement server-side input validation to restrict the 'id' parameter to numeric values only.

Example PHP (rejects a missing parameter as well as a non-numeric one): if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { die('Invalid input'); }

🧯 If You Can't Patch

  • Isolate the system from internet access and restrict to internal network only
  • Implement strict network segmentation and monitor all traffic to the vulnerable endpoint

🔍 How to Verify

Check if Vulnerable:

Test the endpoint /rdms/admin?page=user/manage_user&id= with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer execute: the request should be rejected or the value treated as literal data, with no database error message in the response.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL syntax in URL parameters
  • Multiple failed login attempts followed by SQL payloads
  • Database error messages in application logs

Network Indicators:

  • HTTP requests containing SQL keywords (SELECT, UNION, etc.) in the 'id' parameter
  • Unusual database connection patterns

SIEM Query:

Example: source="web_logs" AND url="*manage_user*" AND (url="*UNION*" OR url="*SELECT*" OR url="*OR 1=1*")
