CVE-2022-32301

9.8 CRITICAL

📋 TL;DR

CVE-2022-32301 is a critical SQL injection vulnerability in YoudianCMS v9.5.0 that allows attackers to execute arbitrary SQL commands via the IdList parameter. This affects all users running the vulnerable version, potentially leading to complete database compromise. Attackers can exploit this without authentication to steal, modify, or delete sensitive data.

💻 Affected Systems

Products:
  • YoudianCMS
Versions: v9.5.0
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation; no special configuration is required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database takeover allowing data theft, modification, deletion, and potential remote code execution through database functions.

🟠 Likely Case

Unauthenticated attackers extracting sensitive user data, administrative credentials, and manipulating database content.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database permission restrictions in place.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is accessible via web requests, making internet-facing instances immediately exploitable.
🏢 Internal Only: MEDIUM - Internal instances are still vulnerable but require network access; risk depends on internal segmentation.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection via IdList parameter requires minimal technical skill; public proof-of-concept exists in Chinese documentation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v9.5.1 or later

Vendor Advisory: https://www.yuque.com/docs/share/8864c0c7-ad8e-407f-98d3-104d2f2dd13e

Restart Required: No

Instructions:

1. Download latest YoudianCMS version from official source.
2. Backup current installation.
3. Replace vulnerable file /App/Lib/Action/Home/ApiAction.class.php with patched version.
4. Verify fix by testing IdList parameter.

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Add server-side validation to restrict IdList parameter to expected data types

Modify /App/Lib/Action/Home/ApiAction.class.php to validate IdList contains only integers and commas

Web Application Firewall Rule (all platforms)

Block SQL injection patterns targeting the IdList parameter

Add WAF rule: deny requests with SQL keywords in IdList parameter

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries in the vulnerable file
  • Restrict database user permissions to minimum required and enable query logging

🔍 How to Verify

Check if Vulnerable:

Test the /App/Lib/Action/Home/ApiAction.class.php endpoint with SQL injection payloads in IdList parameter

Check Version:

Check YoudianCMS version in admin panel or configuration files

Verify Fix Applied:

Repeat the IdList test against the patched version; injection attempts should be blocked or sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts following SQL errors
  • Requests with SQL keywords in IdList parameter

Network Indicators:

  • HTTP requests containing SQL injection patterns to the vulnerable endpoint
  • Unusual outbound database connections

SIEM Query:

source="web_logs" AND (uri="*ApiAction.class.php*" AND (param="*IdList=*UNION*" OR param="*IdList=*SELECT*" OR param="*IdList=*OR*"))
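
Keyword matching such as the query above fires on benign words containing "OR" and can miss values that do not use the listed keywords. The stricter check is the allowlist from the workaround: IdList should contain only integers and commas. The following is an added example, not vendor or project code; it assumes a common/combined-format access log, and the request paths and log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Allowlist from the workaround above: integers separated by commas, nothing else.
ID_LIST_OK = re.compile(r"\d+(?:,\d+)*")
# Assumption: common/combined log format with the request line in double quotes.
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def suspicious_idlist_values(log_line):
    """Return the decoded IdList values in a log line that fail the allowlist."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return []
    bad = []
    # parse_qsl percent-decodes, so encoded input is checked in decoded form.
    for name, value in parse_qsl(urlsplit(m.group(1)).query, keep_blank_values=True):
        # Name compared case-insensitively to over-report rather than miss.
        if name.lower() == "idlist" and not ID_LIST_OK.fullmatch(value):
            bad.append(value)
    return bad

def scan(lines):
    """Return (line_number, client_ip, value) for each failing IdList value."""
    hits = []
    for n, line in enumerate(lines, 1):
        for value in suspicious_idlist_values(line):
            hits.append((n, line.split(" ", 1)[0], value))
    return hits

# Constructed sample lines (documentation IP ranges, placeholder paths).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jun/2022:10:00:01 +0000] "GET /placeholder?IdList=1,2,3 HTTP/1.1" 200 512',
    '203.0.113.9 - - [10/Jun/2022:10:00:05 +0000] "GET /placeholder?IdList=1%29%20OR%201%3D1 HTTP/1.1" 200 9120',
    '203.0.113.7 - - [10/Jun/2022:10:00:09 +0000] "GET /placeholder?IdList=7%2C8 HTTP/1.1" 200 300',
    '198.51.100.4 - - [10/Jun/2022:10:00:12 +0000] "GET /placeholder?idlist=1+UNION+SELECT+2 HTTP/1.1" 500 0',
]

if __name__ == "__main__":
    for line_no, ip, value in scan(SAMPLE_LOG):
        print(f"line {line_no}: {ip} sent non-numeric IdList {value!r}")
```

Access logs normally record only the query string, so IdList values sent in a POST body need the same check applied at the application or WAF layer.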
