CVE-2024-33164

9.8 CRITICAL

📋 TL;DR

CVE-2024-33164 is a critical SQL injection vulnerability in J2EEFAST v2.7.0 that allows attackers to execute arbitrary SQL commands via the sql_filter parameter in the authUserList() function. This affects all systems running the vulnerable version of J2EEFAST, potentially exposing database contents and enabling further system compromise.

💻 Affected Systems

Products:
  • J2EEFAST
Versions: v2.7.0
Operating Systems: Any OS running J2EEFAST
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments of J2EEFAST v2.7.0 are vulnerable unless specifically patched or workarounds applied.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete database compromise leading to data theft, authentication bypass, remote code execution, and full system takeover.

🟠 Likely Case: Unauthorized data access, privilege escalation, and potential data exfiltration from the database.

🟢 If Mitigated: Limited impact with proper input validation and database permissions restricting query execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

SQL injection via sql_filter parameter requires some authentication but is straightforward to exploit once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v2.7.1 or later

Vendor Advisory: https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/33164.txt

Restart Required: Yes

Instructions:

1. Download the latest J2EEFAST version from the official repository.
2. Back up the current installation.
3. Replace the vulnerable files with the patched version.
4. Restart the application server.

🔧 Temporary Workarounds

Input Validation Filter (applies to: all)

  • Implement server-side input validation to sanitize the sql_filter parameter
  • Implement parameterized queries or stored procedures in the authUserList() function

WAF Rule (applies to: all)

  • Deploy web application firewall rules to block SQL injection patterns
  • Configure the WAF to detect and block SQL injection attempts in the sql_filter parameter
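The two workaround items above (validate sql_filter; use parameterized queries in authUserList()) amount to one design rule: a caller must never be able to hand the application raw SQL text. The following is an added example, not J2EEFAST code; the sys_user table, its columns, the allowlist and the function names are constructed, and it uses Python with sqlite3 to show the pattern. A filter is accepted only as structured (column, operator, value) triples checked against an allowlist, and every value is bound as a parameter, so a value containing quotes or SQL keywords simply matches nothing. The unsafe variant is included only as the contrast.

```python
"""Allowlist-based filter building: the hardening pattern for a parameter such
as sql_filter. Added example, not J2EEFAST code; table, columns and names are
constructed."""
import sqlite3

# Constructed allowlist: which columns may be filtered, and with which operators.
ALLOWED_COLUMNS = {"user_name", "dept_id", "status"}
ALLOWED_OPS = {"=", "!=", "<", ">", "LIKE"}


class InvalidFilter(ValueError):
    """Raised when a filter names a column or operator outside the allowlist."""


def build_where(filters):
    """Turn [(column, op, value), ...] into a parameterized WHERE clause.

    Only allowlisted identifiers and operators are interpolated into the SQL
    text; every value travels as a bind parameter ("?"), so user input can
    never change the query structure. Returns (where_sql, params)."""
    clauses, params = [], []
    for column, op, value in filters:
        if column not in ALLOWED_COLUMNS:
            raise InvalidFilter(f"column not permitted: {column!r}")
        op = op.upper()
        if op not in ALLOWED_OPS:
            raise InvalidFilter(f"operator not permitted: {op!r}")
        clauses.append(f"{column} {op} ?")
        params.append(value)
    where = (" WHERE " + " AND ".join(clauses)) if clauses else ""
    return where, params


def is_valid_filter(filters):
    """Convenience check: True if build_where would accept these filters."""
    try:
        build_where(filters)
        return True
    except InvalidFilter:
        return False


def auth_user_list(conn, filters):
    """Hardened user listing (hypothetical name mirroring the page's
    authUserList): structured filters, parameterized query."""
    where, params = build_where(filters)
    sql = "SELECT user_id, user_name, dept_id FROM sys_user" + where + " ORDER BY user_id"
    return conn.execute(sql, params).fetchall()


def auth_user_list_unsafe(conn, sql_filter):
    """The weak pattern for contrast: a caller-supplied SQL fragment appended
    verbatim, so whatever the caller sends becomes part of the query."""
    sql = "SELECT user_id, user_name, dept_id FROM sys_user"
    if sql_filter:
        sql += " WHERE " + sql_filter
    return conn.execute(sql + " ORDER BY user_id").fetchall()


def demo_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE sys_user (user_id INTEGER, user_name TEXT, dept_id INTEGER)"
    )
    conn.executemany(
        "INSERT INTO sys_user VALUES (?, ?, ?)",
        [(1, "alice", 10), (2, "bob", 20), (3, "carol", 20)],
    )
    return conn


if __name__ == "__main__":
    db = demo_db()
    print(auth_user_list(db, [("dept_id", "=", 20)]))          # two rows
    print(auth_user_list(db, [("user_name", "=", "' OR 1=1 --")]))  # [] (bound value)
    print(is_valid_filter([("password", "=", "x")]))            # False (not allowlisted)
```

The design choice worth noting is that the allowlist governs the only two things that are spliced into the SQL string, identifiers and operators; everything else goes through the driver's bind mechanism. If the application genuinely needs free-form filtering, the answer is a richer structured filter grammar, not looser validation of a raw SQL fragment.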

🧯 If You Can't Patch

  • Implement network segmentation to isolate J2EEFAST from critical systems
  • Enable database auditing and monitor for unusual SQL queries

🔍 How to Verify

Check if Vulnerable:

Confirm that the running J2EEFAST version is v2.7.0 and test whether the sql_filter parameter accepts SQL injection payloads

Check Version:

Check application configuration files or admin interface for version information

Verify Fix Applied:

Verify version is updated to 2.7.1+ and test sql_filter parameter no longer accepts SQL injection payloads

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed authentication attempts with SQL-like patterns in sql_filter

Network Indicators:

  • HTTP requests containing SQL keywords in sql_filter parameter
  • Unusual database connection patterns

SIEM Query:

source="web_logs" AND (sql_filter CONTAINS "UNION" OR sql_filter CONTAINS "SELECT" OR sql_filter CONTAINS "INSERT")
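The SIEM query above matches literal uppercase tokens in the raw sql_filter field, which misses values that arrive URL-encoded or in lowercase. The following added example (not from the page, and not J2EEFAST code) applies the same log indicators to constructed web-server log lines in combined-log shape, decoding and case-folding the parameter first; the request path /user/authUserList and the client addresses are assumed for illustration.

```python
"""Detection logic for the log and network indicators above: flag requests
whose sql_filter parameter carries SQL keywords. Added example; the log lines
and the /user/authUserList path are constructed."""
import re
from urllib.parse import parse_qs, urlsplit

# Keywords from the page's SIEM query plus comment sequences commonly watched for.
SQL_KEYWORDS = ("UNION", "SELECT", "INSERT", "UPDATE", "DELETE", "--", "/*")

# Combined-log style line: ip ident user [timestamp] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def extract_sql_filter(target):
    """Return the URL-decoded sql_filter value(s) from a request target."""
    qs = parse_qs(urlsplit(target).query, keep_blank_values=True)
    return qs.get("sql_filter", [])


def suspicious(value):
    """Case-insensitive keyword check on a decoded value; returns the matches."""
    upper = value.upper()
    return [k for k in SQL_KEYWORDS if k in upper]


def scan_logs(lines):
    """Return (ip, timestamp, decoded sql_filter, matched keywords) per hit."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than crash
        for value in extract_sql_filter(m["target"]):
            kws = suspicious(value)
            if kws:
                hits.append((m["ip"], m["ts"], value, kws))
    return hits


# Constructed sample: one benign filter, one lowercase keyword payload the raw
# SIEM query would miss, one comment-sequence payload, one unrelated request.
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/May/2024:10:00:01 +0000] "GET /user/authUserList?sql_filter=dept_id%3D20 HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/May/2024:10:00:07 +0000] "GET /user/authUserList?sql_filter=1%3D1%20union%20select%20user_name%20from%20sys_user HTTP/1.1" 200 2048',
    '10.0.0.9 - - [01/May/2024:10:00:09 +0000] "GET /user/authUserList?sql_filter=user_name%3D%27x%27%20--%20 HTTP/1.1" 200 16',
    '10.0.0.7 - - [01/May/2024:10:00:11 +0000] "GET /index.html HTTP/1.1" 200 1024',
]


if __name__ == "__main__":
    for ip, ts, value, kws in scan_logs(SAMPLE_LOGS):
        print(f"{ts} {ip} sql_filter={value!r} matched={kws}")
```

In a SIEM, the equivalent adjustment is to normalise the field (URL-decode, upper-case) before the CONTAINS checks, or to match case-insensitively; pairing the web-log hit with the database audit log for the same interval then shows whether the filter actually reached the query.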
