CVE-2024-10841

5.5 MEDIUM

📋 TL;DR

This critical SQL injection vulnerability in WEB-Sekolah 1.0 allows remote attackers to execute arbitrary SQL commands via the Name parameter in /Proses_Kirim.php. The vulnerability affects the mail handler component and could lead to database compromise. All users running WEB-Sekolah 1.0 are affected.

💻 Affected Systems

Products:
  • WEB-Sekolah
Versions: 1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation. Other parameters beyond Name may also be vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data manipulation, and potential server takeover via SQL injection leading to remote code execution.

🟠 Likely Case

Database information disclosure, data manipulation, and potential authentication bypass leading to unauthorized access.

🟢 If Mitigated

Limited impact with proper input validation and WAF rules blocking SQL injection patterns.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub. The vulnerability requires no authentication and is simple to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. Until one is released, add input validation and use parameterized (prepared) queries in /Proses_Kirim.php.

🔧 Temporary Workarounds

WAF Rule Implementation (applies to: all)

Deploy web application firewall rules that block SQL injection patterns in the Name parameter of requests to /Proses_Kirim.php.

Input Validation (applies to: all)

Implement strict input validation for the Name parameter in /Proses_Kirim.php.

🧯 If You Can't Patch

  • Isolate the WEB-Sekolah application behind a reverse proxy with strict input filtering
  • Implement network segmentation to limit database access from the application server

🔍 How to Verify

Check if Vulnerable:

Test the /Proses_Kirim.php endpoint with SQL injection payloads in the Name parameter.

Check Version:

Check the application version in the admin panel or configuration files.

Verify Fix Applied:

Verify that SQL injection attempts no longer succeed and that proper input validation is in place.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in application logs
  • Multiple failed login attempts following SQL injection patterns

Network Indicators:

  • HTTP requests to /Proses_Kirim.php with SQL keywords in parameters

SIEM Query:

source="web_logs" AND uri="/Proses_Kirim.php" AND param="Name" AND (value CONTAINS "UNION" OR value CONTAINS "SELECT" OR value CONTAINS "OR 1=1")
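The SIEM query above as runnable detection logic, an added example that is not from the page or from WEB-Sekolah: it assumes a reverse proxy that logs each request's decoded form fields as one JSON object per line (a constructed format) and flags requests to /Proses_Kirim.php whose Name parameter contains the advisory's patterns after URL-decoding, while ignoring benign look-alikes such as "Selection".

```python
import json
import re
from urllib.parse import unquote_plus

# Constructed sample log lines (one JSON object per line, as a reverse proxy
# that logs decoded form fields might emit). Not from the page or the project.
SAMPLE_LOGS = [
    '{"src": "203.0.113.10", "uri": "/Proses_Kirim.php", "params": {"Name": "Budi"}}',
    '{"src": "203.0.113.11", "uri": "/Proses_Kirim.php", "params": {"Name": "x%27+OR+1%3D1--"}}',
    '{"src": "203.0.113.12", "uri": "/Proses_Kirim.php", "params": {"Name": "a%27+UNION+SELECT+1%2C2--"}}',
    '{"src": "203.0.113.13", "uri": "/index.php", "params": {"q": "select"}}',
    '{"src": "203.0.113.14", "uri": "/Proses_Kirim.php", "params": {"Name": "Selection Committee"}}',
]

TARGET_URI = "/Proses_Kirim.php"
TARGET_PARAM = "Name"

# The three patterns from the advisory's SIEM query, matched after URL-decoding
# and upper-casing. Word boundaries keep "Selection" from matching SELECT.
SQLI_PATTERNS = [
    re.compile(r"\bUNION\b"),
    re.compile(r"\bSELECT\b"),
    re.compile(r"\bOR\s+1\s*=\s*1\b"),  # tolerates spacing variants
]

def normalize(value: str) -> str:
    """Decode %XX and '+', upper-case, collapse runs of whitespace."""
    return re.sub(r"\s+", " ", unquote_plus(value)).upper()

def matched_patterns(value: str) -> list:
    """Return the patterns that fire on one parameter value."""
    text = normalize(value)
    return [p.pattern for p in SQLI_PATTERNS if p.search(text)]

def detect(lines) -> list:
    """One alert per log line whose Name parameter to /Proses_Kirim.php matches."""
    alerts = []
    for raw in lines:
        entry = json.loads(raw)
        if entry.get("uri") != TARGET_URI:
            continue  # the query is scoped to the mail handler endpoint
        value = entry.get("params", {}).get(TARGET_PARAM)
        if value is None:
            continue
        hits = matched_patterns(value)
        if hits:
            alerts.append({"src": entry["src"], "value": unquote_plus(value), "patterns": hits})
    return alerts
```

Keyword matching of this kind is a triage signal, not proof of exploitation; pair it with the database-side log review listed above.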
