CVE-2024-22923

9.8 CRITICAL

📋 TL;DR

This SQL injection vulnerability in adv radius v.2.2.5 allows a local attacker to execute arbitrary SQL commands via a crafted script. Attackers could potentially read, modify, or delete database contents, and in some configurations execute arbitrary code. Organizations using adv radius v.2.2.5 are affected.

💻 Affected Systems

Products:
  • adv radius
Versions: v.2.2.5
Operating Systems: All platforms running adv radius
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability requires local access, but in RADIUS deployments this often means network access to the RADIUS service rather than physical access.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining full control over the database and potentially executing arbitrary code on the underlying server, leading to data theft, system destruction, or lateral movement.

🟠 Likely Case

Database compromise allowing data exfiltration, modification, or deletion of RADIUS authentication data, potentially enabling privilege escalation or authentication bypass.

🟢 If Mitigated

Limited impact with proper input validation, parameterized queries, and database permissions restricting the attack surface.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

SQL injection vulnerabilities are well-understood and frequently weaponized. The local attacker requirement reduces some attack vectors but doesn't eliminate risk in typical RADIUS deployments.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No vendor advisory found in provided references

Restart Required: Yes

Instructions:

1. Check vendor website for updated version.
2. Back up configuration and data.
3. Install updated version.
4. Restart adv radius service.
5. Verify functionality.

🔧 Temporary Workarounds

Implement Input Validation

all

Add strict input validation to filter SQL metacharacters from user inputs

Implementation depends on specific code location - review and sanitize all user inputs

Use Parameterized Queries

all

Replace dynamic SQL queries with parameterized/prepared statements

Rewrite SQL queries to use parameter binding instead of string concatenation

🧯 If You Can't Patch

  • Implement network segmentation to isolate adv radius from critical systems
  • Deploy a web application firewall (WAF) with SQL injection rules

🔍 How to Verify

Check if Vulnerable:

Check if adv radius version is 2.2.5 by examining installation directory or configuration files

Check Version:

Check adv radius configuration files or installation directory for version information

Verify Fix Applied:

Test with SQL injection payloads to confirm they're properly rejected

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL error messages in logs
  • Multiple failed authentication attempts with SQL metacharacters
  • Unexpected database queries

Network Indicators:

  • SQL injection patterns in network traffic to RADIUS port
  • Unusual outbound database connections

SIEM Query:

source="advradius" AND (message="*SQL*" OR message="*syntax*" OR message="*injection*")
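
The log indicators above, turned into a small offline check. This is an added example, not code from the vendor or the original advisory: it flags sources with repeated failed authentications whose username contains SQL metacharacters. The log line layout, field names and threshold are assumptions, since this page does not document the adv radius log format.

```python
import re
from collections import defaultdict

# Constructed sample lines. The real adv radius log format is not given on
# this page, so this layout (timestamp, result, user, src) is an assumption.
SAMPLE_LOG = """\
2024-02-01T09:00:01Z auth result=FAIL user="alice" src=10.0.0.7
2024-02-01T09:00:05Z auth result=FAIL user="admin' OR '1'='1" src=10.0.0.9
2024-02-01T09:00:06Z auth result=FAIL user="x'; --" src=10.0.0.9
2024-02-01T09:00:07Z auth result=FAIL user="bob UNION SELECT 1" src=10.0.0.9
2024-02-01T09:00:09Z auth result=OK user="o'brien" src=10.0.0.8
2024-02-01T09:00:12Z auth result=FAIL user="carol" src=10.0.0.7
"""

# Parser for the assumed line layout; adapt to the real log output.
LINE_RE = re.compile(
    r'^(?P<ts>\S+) auth result=(?P<result>\w+) user="(?P<user>.*)" src=(?P<src>\S+)$'
)

# Quotes, statement terminators, comment markers and a few keywords that
# rarely belong in a RADIUS username.
SQL_META_RE = re.compile(r"""['";]|--|/\*|\b(?:union|select)\b""", re.IGNORECASE)


def suspicious_sources(log_text, threshold=2):
    """Return {src: [usernames]} for sources with at least `threshold` failed
    authentications whose username contains SQL metacharacters."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["result"] != "FAIL":
            continue  # skip unparseable lines and successful logins
        if SQL_META_RE.search(m["user"]):
            hits[m["src"]].append(m["user"])
    # A single odd username (e.g. a legitimate apostrophe) is noise;
    # repetition from one source is the signal.
    return {src: users for src, users in hits.items() if len(users) >= threshold}


if __name__ == "__main__":
    for src, users in suspicious_sources(SAMPLE_LOG).items():
        print(f"{src}: {len(users)} suspicious failed logins -> {users}")
```

Grouping by source and requiring repetition keeps a legitimate username containing an apostrophe from raising an alert on its own.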
