CVE-2024-33868

9.8 CRITICAL

📋 TL;DR

This LDAP injection vulnerability in linqi on Windows allows attackers to manipulate LDAP queries, potentially leading to unauthorized access or data exposure. It affects linqi installations on Windows systems before version 1.4.0.1.

💻 Affected Systems

Products:
  • linqi
Versions: All versions before 1.4.0.1
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows installations of linqi; other platforms may not be vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise via LDAP query manipulation leading to authentication bypass, data exfiltration, or privilege escalation.

🟠 Likely Case: Unauthorized access to directory services, information disclosure, or manipulation of LDAP queries to bypass security controls.

🟢 If Mitigated: Limited impact with proper input validation and LDAP query sanitization in place.

🌐 Internet-Facing: HIGH if linqi is exposed to external networks, as LDAP injection can be exploited remotely.
🏢 Internal Only: MEDIUM for internal systems, requiring network access but potentially leading to lateral movement.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

LDAP injection typically has low exploitation complexity, especially with unauthenticated access.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.4.0.1

Vendor Advisory: https://linqi.help/Updates/en#/SecurityUpdates

Restart Required: Yes

Instructions:

1. Download linqi version 1.4.0.1 or later from official sources.
2. Stop linqi service.
3. Install the updated version.
4. Restart linqi service.

🔧 Temporary Workarounds

  • Input Validation (all): Implement strict input validation for all LDAP query parameters
  • Network Segmentation (all): Restrict network access to linqi services to trusted networks only
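
The Input Validation workaround above, sketched as an added Python example (not linqi's code and not the vendor's fix): an allowlist check followed by RFC 4515 escaping of the value before it is placed in a fixed filter template, next to the raw-concatenation pattern that LDAP injection relies on. The attribute names, the filter template, the username policy and all function names are assumptions made for illustration.

```python
import re

# RFC 4515 section 3: these characters must be written as \XX inside a
# filter assertion value, otherwise they are parsed as filter syntax.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Assumed policy for this example: 1-64 characters from a small allowlist.
_USERNAME_RE = re.compile(r"[A-Za-z0-9._@-]{1,64}")


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value in an LDAP search filter."""
    # Per-character mapping, so an input backslash is escaped exactly once.
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def validate_username(value: str) -> str:
    """Reject input outside the allowlist rather than trying to clean it up."""
    if not _USERNAME_RE.fullmatch(value):
        raise ValueError("username contains characters outside the allowlist")
    return value


def build_user_filter(username: str) -> str:
    """Hardened: validate, escape, then insert into a fixed template."""
    safe = escape_filter_value(validate_username(username))
    # Hypothetical template; the page does not show the filter linqi builds.
    return f"(&(objectClass=person)(sAMAccountName={safe}))"


def build_user_filter_unsafe(username: str) -> str:
    """Vulnerable pattern for comparison: the input becomes filter syntax."""
    return "(&(objectClass=person)(sAMAccountName=" + username + "))"


if __name__ == "__main__":
    # Constructed sample inputs.
    print(build_user_filter("alice.smith"))
    print(escape_filter_value("Smith (IT)*"))   # metacharacters neutralised
    print(build_user_filter_unsafe("*"))        # wildcard now matches every entry
    try:
        build_user_filter("*")
    except ValueError as exc:
        print("rejected:", exc)
```

Escaping is still applied after validation so that a later loosening of the allowlist does not reopen the filter to metacharacters.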

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block LDAP injection patterns
  • Disable or restrict linqi services until patching is possible

🔍 How to Verify

Check if Vulnerable:

Check the linqi version; if it is below 1.4.0.1 on Windows, the system is vulnerable.

Check Version:

linqi --version or check application properties

Verify Fix Applied:

Confirm linqi version is 1.4.0.1 or higher after update.

📡 Detection & Monitoring

Log Indicators:

  • Unusual LDAP query patterns
  • Failed authentication attempts with special characters
  • Unexpected directory access

Network Indicators:

  • LDAP queries containing injection characters (=, *, (, ), &, |)
  • Unusual traffic to LDAP ports from linqi services

SIEM Query:

source="linqi" AND (LDAP_query CONTAINS "*" OR LDAP_query CONTAINS "(" OR LDAP_query CONTAINS ")")
