CVE-2022-47532

9.8 CRITICAL

📋 TL;DR

CVE-2022-47532 is a SQL injection vulnerability in FileRun 20220519 that allows attackers to execute arbitrary SQL commands via the 'dir' parameter in a specific web request. This can lead to unauthorized data access, modification, or deletion, affecting users of the vulnerable FileRun version.

💻 Affected Systems

Products:
  • FileRun
Versions: 20220519
Operating Systems: All OS where FileRun is installed
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability is present in the default configuration of the specified version.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full compromise of the database, including data theft, deletion, or remote code execution if database privileges allow it.

🟠 Likely Case

Unauthorized access to sensitive user data, such as credentials or files, and potential privilege escalation.

🟢 If Mitigated

Limited impact if input validation or a WAF blocks malicious requests, but risk remains until the instance is patched.

🌐 Internet-Facing: HIGH, as the vulnerability is exploitable via web requests, making internet-facing instances prime targets.
🏢 Internal Only: MEDIUM, as internal attackers could exploit it, but external exposure increases overall risk.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is straightforward with a publicly available proof-of-concept and requires minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions later than 20220519; check with the vendor for the specific fixed version.

Vendor Advisory: https://herolab.usd.de/security-advisories/usd-2022-0064/

Restart Required: No

Instructions:

1. Update FileRun to the latest patched version.
2. Follow vendor instructions for upgrading.
3. Verify the fix by testing the vulnerable endpoint.

🔧 Temporary Workarounds

Input Validation via WAF

all

Deploy a web application firewall to block SQL injection patterns in the 'dir' parameter.

Configure WAF rules to filter malicious SQL payloads.

Parameter Sanitization

all

Implement server-side input validation to sanitize the 'dir' parameter before processing.

Modify application code to escape or validate user inputs.

🧯 If You Can't Patch

  • Restrict access to the vulnerable endpoint using network ACLs or authentication.
  • Monitor logs for suspicious SQL injection attempts and implement intrusion detection.

🔍 How to Verify

Check if Vulnerable:

Test the endpoint /?module=users&section=cpanel&page=list with a malicious 'dir' parameter payload to see if SQL errors are returned.

Check Version:

Check the FileRun version in the admin panel or configuration files.

Verify Fix Applied:

After patching, retest the same endpoint to ensure no SQL errors or unauthorized access occurs.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs, or SQL syntax error messages triggered by the 'dir' parameter.

Network Indicators:

  • HTTP requests to the vulnerable endpoint with SQL injection payloads in parameters.

SIEM Query:

Example: search for 'dir' AND 'SQL' in web server logs for FileRun instances.
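The log check described above can be run offline over web server access logs. The following is an added example, not code from the vendor or the advisory: it flags requests to the endpoint named on this page whose decoded 'dir' value falls outside an allowlist. The allowlist (a short alphabetic token), the combined log format, and the sample log lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Query parameters that identify the endpoint named on this page.
ENDPOINT_PARAMS = {"module": "users", "section": "cpanel", "page": "list"}
# Assumption: a legitimate 'dir' value is a short alphabetic token.
SAFE_DIR = re.compile(r"[A-Za-z]{1,8}")
# Request line and status code in a common/combined format access log entry.
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+" (\d{3})')

def suspicious_dir_requests(lines):
    """Return (client, status, decoded dir value) for each flagged log line."""
    hits = []
    for line in lines:
        m = REQUEST.search(line)
        if not m:
            continue  # not a parsable request line
        # parse_qs percent-decodes values, so encoded characters are compared decoded.
        query = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
        if any(query.get(k, [None])[-1] != v for k, v in ENDPOINT_PARAMS.items()):
            continue  # a different endpoint
        for value in query.get("dir", []):
            if not SAFE_DIR.fullmatch(value):
                hits.append((line.split(" ", 1)[0], int(m.group(2)), value))
    return hits

# Constructed sample access-log lines (not taken from a real system).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2023:10:00:00 +0000] "GET /?module=users&section=cpanel&page=list&dir=asc HTTP/1.1" 200 5120',
    '203.0.113.9 - - [01/Jan/2023:10:00:05 +0000] "GET /?module=users&section=cpanel&page=list&dir=asc%27 HTTP/1.1" 500 312',
    '203.0.113.9 - - [01/Jan/2023:10:00:06 +0000] "GET /?module=users&section=cpanel&page=list&dir=desc%20--%20x HTTP/1.1" 200 5120',
    '198.51.100.4 - - [01/Jan/2023:10:01:00 +0000] "GET /?module=other&dir=a%27b HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, status, value in suspicious_dir_requests(SAMPLE_LOG):
        print(f"{client} status={status} dir={value!r}")
```

Parameters sent in a POST body do not appear in access logs, so this check only covers values passed in the query string.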
