CVE-2024-28559
📋 TL;DR
This SQL injection vulnerability in Niushop B2B2C v5.3.3 and earlier allows attackers to execute arbitrary SQL commands via the setPrice() function in the Goodsbatchset.php component. Successful exploitation could lead to privilege escalation, data manipulation, or complete system compromise. All users running affected versions of Niushop B2B2C are vulnerable.
💻 Affected Systems
- Niushop B2B2C
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover, database exfiltration, privilege escalation to administrative access, and potential remote code execution.
Likely Case
Unauthorized privilege escalation leading to administrative access, data theft, and manipulation of e-commerce transactions.
If Mitigated
Limited impact with proper input validation, parameterized queries, and web application firewall rules in place.
🎯 Exploit Status
Exploitation requires some level of access to trigger the vulnerable function, but SQL injection payloads are well-documented.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: v5.3.4 or later
Vendor Advisory: https://www.niushop.com/
Restart Required: No
Instructions:
1. Back up your current installation and database.
2. Download the latest version from the official Niushop website.
3. Replace the vulnerable Goodsbatchset.php file with the patched version.
4. Verify the fix by testing the setPrice() functionality.
🔧 Temporary Workarounds
Input Validation and Sanitization
Implement strict input validation and parameterized queries for the setPrice() function.
Web Application Firewall Rules
Deploy WAF rules to block SQL injection patterns targeting the Goodsbatchset.php component.
🧯 If You Can't Patch
- Implement strict input validation and sanitization for all user inputs in the Goodsbatchset.php component.
- Deploy a web application firewall with SQL injection detection rules and restrict access to the vulnerable endpoint.
🔍 How to Verify
Check if Vulnerable:
Check if your Niushop version is 5.3.3 or earlier and review the Goodsbatchset.php file for vulnerable SQL queries in the setPrice() function.
Check Version:
Check the version in the Niushop admin panel or review the version file in the installation directory.
Verify Fix Applied:
Verify that the Niushop version is 5.3.4 or later and test the setPrice() functionality with SQL injection payloads to ensure they are blocked.
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in application logs
- Multiple failed login attempts followed by successful administrative access
- Unexpected database operations from the Goodsbatchset.php component
Network Indicators:
- SQL injection patterns in HTTP requests to Goodsbatchset.php
- Unusual database connection patterns from the web server
SIEM Query:
source="web_logs" AND (uri="*Goodsbatchset.php*" AND (query="*UNION*" OR query="*SELECT*" OR query="*INSERT*" OR query="*UPDATE*" OR query="*DELETE*"))
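As an added example that is not part of this advisory, the following Python filter applies the same logic as the SIEM query above to web server access log lines, but URL-decodes the query string first and matches keywords as whole words, so percent-encoded payloads are not missed and field names such as update_time do not alert. The log lines and the request path containing Goodsbatchset.php are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Keywords taken from the advisory's SIEM query; matched case-insensitively after URL decoding.
SQL_KEYWORDS = ("UNION", "SELECT", "INSERT", "UPDATE", "DELETE")
TARGET_PATH = "goodsbatchset.php"

# Common Log Format: client, identity, user, [timestamp], "METHOD target PROTOCOL", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Constructed sample access log lines (not from a real deployment).
SAMPLE_LOG = [
    '198.51.100.7 - - [11/Mar/2024:09:14:03 +0000] "GET /shop/Goodsbatchset.php?goods_id=42&price=199 HTTP/1.1" 200 812',
    '198.51.100.7 - - [11/Mar/2024:09:14:09 +0000] "GET /shop/Goodsbatchset.php?goods_id=42&price=1%20UNION%20SELECT%201 HTTP/1.1" 200 1024',
    '203.0.113.9 - - [11/Mar/2024:09:15:00 +0000] "GET /shop/goods.php?sort=update_time HTTP/1.1" 200 2048',
    '203.0.113.9 - - [11/Mar/2024:09:15:30 +0000] "GET /shop/Goodsbatchset.php?selection=all HTTP/1.1" 200 300',
]


def parse_line(line):
    """Parse one access log line into a dict, with the query string URL-decoded; None if malformed."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path, _, query = m.group("target").partition("?")
    return {"ip": m.group("ip"), "ts": m.group("ts"), "method": m.group("method"),
            "path": path, "query": unquote_plus(query), "status": int(m.group("status"))}


def is_suspicious(entry):
    """True when the request targets Goodsbatchset.php and its decoded query carries a SQL keyword."""
    if entry is None or not entry["path"].lower().endswith(TARGET_PATH):
        return False
    q = entry["query"].upper()
    # Whole-word match: 'selection' or 'update_time' must not trigger an alert.
    return any(re.search(r"\b" + kw + r"\b", q) for kw in SQL_KEYWORDS)


def flag_requests(lines):
    """Return the parsed entries that match the detection logic."""
    return [e for e in map(parse_line, lines) if is_suspicious(e)]


if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['method']} {hit['path']} query={hit['query']!r}")
```

Access logs carry only the query string; if setPrice() is reached through a POST body, the same check has to run on an application or WAF log that records the body.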
🔗 References
- https://chiggerlor.substack.com/p/cve-2024-28560-cve-2024-28559
- https://gitee.com/niushop-team/niushop_b2c_v5
- https://v5.niuteam.cn
- https://v5.niuteam.cn/
- https://www.niushop.com/