CVE-2022-31951

9.8 CRITICAL

📋 TL;DR

Rescue Dispatch Management System v1.0 contains a SQL injection vulnerability in the delete_respondent_type function that allows attackers to execute arbitrary SQL commands. This affects all users running the vulnerable version of this web application. Attackers can potentially access, modify, or delete database contents.

💻 Affected Systems

Products:
  • Rescue Dispatch Management System
Versions: v1.0
Operating Systems: Any OS running PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Only v1.0 is confirmed affected; other versions may also be vulnerable, but this has not been confirmed.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise leading to data theft, data destruction, authentication bypass, and potential remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized data access and modification, potentially exposing sensitive information about dispatch operations and personnel.

🟢 If Mitigated

Limited impact with proper input validation and database permissions, though SQL injection attempts would still be logged.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is accessible via web interface, making it directly exploitable from the internet.
🏢 Internal Only: HIGH - Even if not internet-facing, internal attackers or compromised systems could exploit this vulnerability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The GitHub reference shows detailed exploitation steps, making this easily exploitable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None found

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Input Validation and Parameterized Queries

all

Implement proper input validation and use parameterized queries/prepared statements in the Master.php file.

Modify /rdms/classes/Master.php to use prepared statements for all database operations

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection protection rules to block malicious requests.

Configure WAF rules to block SQL injection patterns targeting the vulnerable endpoint

🧯 If You Can't Patch

  • Restrict access to the vulnerable endpoint using network controls or authentication
  • Implement database-level controls with minimal necessary permissions for the application user

🔍 How to Verify

Check if Vulnerable:

Test the endpoint /rdms/classes/Master.php?f=delete_respondent_type with SQL injection payloads like ' OR '1'='1

Check Version:

Check application version in admin panel or configuration files

Verify Fix Applied:

Test the same endpoint with SQL injection payloads and verify they are rejected or properly handled

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple requests to Master.php with suspicious parameters
  • Database error messages containing SQL syntax

Network Indicators:

  • HTTP requests to /rdms/classes/Master.php with SQL keywords in parameters
  • Unusual database query patterns from the application server

SIEM Query:

source="web_server" AND uri="/rdms/classes/Master.php" AND (param="delete_respondent_type" AND (query="' OR" OR query="UNION" OR query="SELECT"))
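The same indicators can be checked offline against web server access logs. The script below is an added example, not part of the original advisory or the application's code; it assumes combined-log-format entries and that the injected value travels in the URL query string (values sent in a POST body do not appear in access logs). The sample log lines and the `id` parameter name are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

TARGET_PATH = "/rdms/classes/Master.php"
TARGET_FUNC = "delete_respondent_type"

# Client IP, request line and status code from a combined-log-format entry
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)
# Same indicators as the SIEM query: quote followed by OR, UNION, SELECT
SQLI_RE = re.compile(r"'\s*or\b|\bunion\b|\bselect\b", re.IGNORECASE)

# Constructed sample entries (documentation IP ranges, hypothetical "id" parameter)
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jun/2022:10:01:22 +0000] "GET /rdms/classes/Master.php?f=delete_respondent_type&id=7 HTTP/1.1" 200 31',
    '198.51.100.23 - - [12/Jun/2022:10:02:01 +0000] "GET /rdms/classes/Master.php?f=delete_respondent_type&id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 31',
    '198.51.100.23 - - [12/Jun/2022:10:02:05 +0000] "GET /rdms/classes/Master.php?f=delete_respondent_type&id=0+union+select+1 HTTP/1.1" 500 0',
    '203.0.113.5 - - [12/Jun/2022:10:03:40 +0000] "GET /rdms/classes/Master.php?f=other_function&id=select HTTP/1.1" 200 12',
]

def suspicious_requests(lines):
    """Return one record per request to the vulnerable function whose
    percent-decoded parameters contain a SQL injection indicator."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable access-log entry
        url = urlsplit(m["uri"])
        # parse_qsl percent-decodes names and values and turns '+' into a space
        params = parse_qsl(url.query, keep_blank_values=True)
        if url.path != TARGET_PATH or ("f", TARGET_FUNC) not in params:
            continue
        bad = [(k, v) for k, v in params if k != "f" and SQLI_RE.search(v)]
        if bad:
            hits.append({"ip": m["ip"], "status": int(m["status"]), "params": bad})
    return hits

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

Decoding before matching matters: the raw log line holds `%27%20OR`, which a literal search for `' OR` would miss.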
