Login Sign Up

CVE-2023-6647

7.3 HIGH
SQL Injection

📋 TL;DR

This critical SQL injection vulnerability in AMTT HiBOS 1.0 allows attackers to manipulate database queries via the Type parameter. Remote attackers can potentially execute arbitrary SQL commands, leading to data theft, modification, or system compromise. All systems running the affected software are vulnerable.

💻 Affected Systems

Products:
  • AMTT HiBOS
Versions: 1.0
Operating Systems: Unknown
Default Config Vulnerable: ⚠️ Yes
Notes: Specific functionality affected is unknown but involves the Type parameter. All installations of version 1.0 appear vulnerable.

📦 What is this software?

Hibos by Amttgroup

View all CVEs affecting Hibos →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise including data exfiltration, data destruction, privilege escalation to system-level access, and potential remote code execution.

🟠

Likely Case

Unauthorized data access and extraction, database manipulation, and potential authentication bypass.

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and network segmentation in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. Remote exploitation is possible without authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Vendor was contacted but did not respond. Consider workarounds or alternative software.

🔧 Temporary Workarounds

Web Application Firewall (WAF)

all

Deploy a WAF with SQL injection rules to block malicious requests targeting the Type parameter.

Input Validation Filter

all

Implement server-side input validation to sanitize the Type parameter before processing.

🧯 If You Can't Patch

  • Isolate the affected system from the internet and restrict network access to only necessary connections.
  • Implement strict monitoring and alerting for SQL injection attempts in application logs.

🔍 How to Verify

Check if Vulnerable:

Check if AMTT HiBOS version 1.0 is installed. Test the Type parameter with SQL injection payloads (use authorized testing only).

Check Version:

Check application documentation or interface for version information. No standard command available.

Verify Fix Applied:

Verify that SQL injection attempts on the Type parameter are properly blocked or sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in application logs
  • Multiple failed login attempts or parameter manipulation attempts

Network Indicators:

  • HTTP requests with SQL keywords in Type parameter (SELECT, UNION, INSERT, etc.)
  • Unusual database connection patterns

SIEM Query:

Example: http.request.uri contains "Type=" AND (http.request.uri contains "SELECT" OR "UNION" OR "INSERT")

📊 Metadata

CVE ID: CVE-2023-6647
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CWE: CWE-89
Published: December 10, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-6647, you might also want to check these:

CVE-2024-8522 10.0

This vulnerability allows unauthenticated attackers to perform SQL injection attacks on WordPress si...

Same vulnerability type (CWE-89)
CVE-2024-13152 10.0

This SQL injection vulnerability in BSS Software's Mobuy Online Machinery Monitoring Panel allows at...

Same vulnerability type (CWE-89)
CVE-2021-42311 10.0

CVE-2021-42311 is a critical SQL injection vulnerability in Microsoft Defender for IoT that allows r...

Same vulnerability type (CWE-89)