CVE-2022-45030

8.8 HIGH

📋 TL;DR

This SQL injection vulnerability in rConfig 3.9.7 allows attackers to execute arbitrary SQL commands via the 'command' parameter in ajaxCompareGetCmdDates.php. This could lead to unauthorized data access, modification, or deletion. All users running rConfig 3.9.7 are affected.

💻 Affected Systems

Products:
  • rConfig
Versions: 3.9.7
Operating Systems: Linux, Windows
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation and requires no special configuration to be exploitable.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including sensitive configuration data, credential theft, and potential remote code execution via secure-file-priv interaction.

🟠

Likely Case

Unauthorized access to network device configurations, credential extraction, and potential privilege escalation within the application.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database permissions restricting file operations.

🌐 Internet-Facing: HIGH - The vulnerable endpoint is accessible via web interface and can be exploited remotely without authentication.
🏢 Internal Only: HIGH - Even internal attackers could exploit this to gain administrative access and compromise network configurations.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code is available, making this easily exploitable by attackers with basic SQL injection knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization (platform: all)

Add proper input validation and parameterized queries to the vulnerable PHP file: edit lib/ajaxHandlers/ajaxCompareGetCmdDates.php to use prepared statements with PDO or mysqli.

Access Restriction (platform: linux)

Restrict access to the vulnerable endpoint via web server configuration: add 'Deny from all' to .htaccess for the ajaxHandlers directory (on Apache 2.4 the equivalent directive is 'Require all denied'), or configure an equivalent nginx location block.

🧯 If You Can't Patch

  • Implement WAF rules to block SQL injection patterns targeting the vulnerable endpoint
  • Restrict database user permissions to prevent file operations and limit damage from successful exploitation

🔍 How to Verify

Check if Vulnerable:

Test the endpoint with SQL injection payloads: /lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command=1' OR '1'='1

Check Version:

Check rConfig version in web interface or configuration files

Verify Fix Applied:

Verify that SQL injection payloads no longer return database information and that prepared statements are implemented

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple requests to ajaxCompareGetCmdDates.php with SQL syntax

Network Indicators:

  • HTTP requests containing SQL keywords (UNION, SELECT, etc.) targeting the vulnerable endpoint

SIEM Query:

source="web_logs" AND uri="/lib/ajaxHandlers/ajaxCompareGetCmdDates.php" AND (request CONTAINS "UNION" OR request CONTAINS "SELECT" OR request CONTAINS "' OR '")
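An offline check of the indicators above over constructed web-server log lines, as an added example that is not part of this advisory: it applies the SIEM query's logic (the endpoint path plus the listed SQL keywords) to the `command` parameter after URL-decoding it, which a raw substring match on the request line misses for percent-encoded requests. The log format, IP addresses and timestamps are constructed sample data.

```python
import re
from urllib.parse import unquote_plus, urlsplit, parse_qs

# Constructed sample lines in combined log format (not real rConfig logs).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jan/2024:12:00:01 +0000] "GET /lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command=show+run HTTP/1.1" 200 512
203.0.113.7 - - [10/Jan/2024:12:00:02 +0000] "GET /lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048
203.0.113.7 - - [10/Jan/2024:12:00:03 +0000] "GET /lib/ajaxHandlers/ajaxCompareGetCmdDates.php?command=1%27%20UNION%20SELECT%201,2 HTTP/1.1" 200 2048
203.0.113.9 - - [10/Jan/2024:12:00:04 +0000] "GET /index.php?q=UNION HTTP/1.1" 200 100
"""

TARGET_PATH = "/lib/ajaxHandlers/ajaxCompareGetCmdDates.php"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Same keywords as the SIEM query, matched case-insensitively on the decoded value.
SUSPICIOUS = re.compile(r"\bUNION\b|\bSELECT\b|'\s*OR\s*'", re.IGNORECASE)


def decode_param(value, rounds=2):
    """Percent-decode up to `rounds` times so double-encoded values are normalised."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_hits(log_text):
    """Return one record per request to the vulnerable endpoint whose decoded
    `command` parameter contains a listed SQL keyword."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        url = urlsplit(m.group("target"))
        if url.path != TARGET_PATH:
            continue  # this rule only covers the vulnerable endpoint
        for value in parse_qs(url.query, keep_blank_values=True).get("command", []):
            decoded = decode_param(value)
            if SUSPICIOUS.search(decoded):
                hits.append({"ip": m.group("ip"), "ts": m.group("ts"), "command": decoded})
    return hits


if __name__ == "__main__":
    for hit in find_hits(SAMPLE_LOG):
        print(hit)
```

Requests to other paths containing the same keywords (the fourth sample line) are deliberately not flagged, matching the SIEM query's URI filter.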
