CVE-2023-36361

9.8 CRITICAL

📋 TL;DR

Audimexee v14.1.7 contains a SQL injection vulnerability in the p_table_name parameter that allows attackers to execute arbitrary SQL commands. This affects all systems running the vulnerable version of Audimexee software. Successful exploitation could lead to data theft, data manipulation, or complete system compromise.

💻 Affected Systems

Products:
  • Audimexee
Versions: v14.1.7
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of Audimexee v14.1.7 are vulnerable by default. The vulnerability exists in the p_table_name parameter handling.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise allowing data exfiltration, data destruction, privilege escalation to database administrator, and potential remote code execution on the underlying server.

🟠 Likely Case

Unauthorized data access and extraction, including sensitive business information, user credentials, and configuration data.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database user privilege restrictions in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection vulnerabilities are commonly exploited and public proof-of-concept code exists in the referenced GitHub repository.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://audimex.com

Restart Required: No

Instructions:

1. Check vendor website for security updates.
2. If patch available, download and apply.
3. Test functionality after patching.
4. Monitor for any issues.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement strict input validation to reject malicious SQL characters in the p_table_name parameter.

Implement a regex filter for table names: ^[a-zA-Z0-9_]+$
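
One way to apply this filter, shown as an added example that is not code from Audimexee or from the original page. It assumes Python with an in-memory SQLite database standing in for the application's database; the table names, allow-list and function names are hypothetical.

```python
import re
import sqlite3

# Regex from the workaround above. fullmatch() is used instead of match()
# with ^...$ because in Python "$" also matches before a trailing newline.
TABLE_NAME_RE = re.compile(r"[a-zA-Z0-9_]+")

# Hypothetical allow-list: tables the endpoint is meant to expose.
ALLOWED_TABLES = frozenset({"audit_items", "audit_reports"})


def validate_table_name(value):
    """Return the table name if it is acceptable, else raise ValueError."""
    if not isinstance(value, str) or not TABLE_NAME_RE.fullmatch(value):
        raise ValueError("p_table_name contains characters outside [a-zA-Z0-9_]")
    if value not in ALLOWED_TABLES:
        raise ValueError("p_table_name is not an exposed table")
    return value


def count_rows(conn, p_table_name):
    """Identifiers cannot be bound as query parameters, so the name is
    validated first and only then placed into the statement text."""
    table = validate_table_name(p_table_name)
    return conn.execute(f'SELECT COUNT(*) FROM "{table}"').fetchone()[0]


def demo():
    # Constructed in-memory database standing in for the application's own.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE audit_items (id INTEGER)")
    conn.execute("CREATE TABLE users (name TEXT)")
    conn.executemany("INSERT INTO audit_items VALUES (?)", [(1,), (2,)])
    results = {}
    # Constructed inputs: one valid name, then values the filter must reject.
    for candidate in ["audit_items", "audit_items\n", "users",
                      "audit_items' OR '1'='1", ""]:
        try:
            results[candidate] = count_rows(conn, candidate)
        except ValueError as exc:
            results[candidate] = f"rejected: {exc}"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(repr(name), "->", outcome)
```

The character filter alone still accepts any existing table name (here `users`), which is why the example pairs it with an allow-list of tables the parameter is meant to reach.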

Web Application Firewall

all

Deploy a WAF with SQL injection protection rules.

Configure the WAF to block SQL injection patterns in request parameters.

🧯 If You Can't Patch

  • Isolate the vulnerable system from internet access and restrict internal network access
  • Implement database user privilege restrictions to limit potential damage from exploitation

🔍 How to Verify

Check if Vulnerable:

Test the p_table_name parameter with SQL injection payloads like ' OR '1'='1 and monitor for unexpected database responses.

Check Version:

Check application version in admin interface or configuration files

Verify Fix Applied:

Retest with SQL injection payloads after implementing fixes and confirm proper error handling or rejection

📡 Detection & Monitoring

Log Indicators:

  • Unusual database queries
  • SQL syntax errors in application logs
  • Multiple failed login attempts from single IP

Network Indicators:

  • Unusual SQL patterns in HTTP requests
  • Requests with SQL keywords in parameters

SIEM Query:

source="web_logs" AND (p_table_name CONTAINS "UNION" OR p_table_name CONTAINS "SELECT" OR p_table_name CONTAINS "OR 1=1")

🔗 References
