CVE-2024-35084 – J2EEFAST v2.7.0 contains a SQL injection vulner... (How to Fix)

Q: What is the severity of CVE-2024-35084?

CVE-2024-35084 has a CVSS score of 9.8 (CRITICAL). J2EEFAST v2.7.0 contains a SQL injection vulnerability in the findPage function of SysMsgPushMapper.xml that allows attackers to execute arbitrary SQL commands. This affects all systems running the vulnerable version of J2EEFAST. Attackers could potentially access, modify, or delete database content.

📋 TL;DR

J2EEFAST v2.7.0 contains a SQL injection vulnerability in the findPage function of SysMsgPushMapper.xml that allows attackers to execute arbitrary SQL commands. This affects all systems running the vulnerable version of J2EEFAST. Attackers could potentially access, modify, or delete database content.

💻 Affected Systems

Products:

J2EEFAST

Versions: v2.7.0

Operating Systems: Any OS running J2EEFAST

Default Config Vulnerable: ⚠️ Yes

Notes: All installations of J2EEFAST v2.7.0 are vulnerable regardless of configuration

📦 What is this software?

J2eefast by J2eefast

View all CVEs affecting J2eefast →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise leading to data theft, data destruction, or full system takeover via SQL injection to RCE chaining

🟠

Likely Case

Unauthorized database access allowing data exfiltration, privilege escalation, or data manipulation

🟢

If Mitigated

Limited impact with proper input validation, parameterized queries, and database permission restrictions

🌐 Internet-Facing: HIGH - Web applications are typically internet-facing and directly accessible to attackers

🏢 Internal Only: MEDIUM - Internal systems could still be exploited by malicious insiders or compromised internal accounts

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

SQL injection vulnerabilities are commonly exploited and weaponized; authentication status depends on specific application configuration

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://www.j2eefast.com/

Restart Required: Yes

Instructions:

1. Check vendor website for security updates 2. Apply any available patches 3. Restart application services 4. Verify fix implementation

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation and parameterized queries for the findPage function

WAF Rule Implementation

all

Deploy web application firewall rules to block SQL injection patterns

🧯 If You Can't Patch

Implement network segmentation to isolate vulnerable systems
Apply principle of least privilege to database accounts

🔍 How to Verify

Check if Vulnerable:

Check application version in configuration files or admin interface for v2.7.0

Check Version:

Check application.properties or similar configuration files for version information

Verify Fix Applied:

Test the findPage function with SQL injection payloads after applying fixes

📡 Detection & Monitoring

Log Indicators:

Unusual SQL queries in database logs
Multiple failed login attempts via findPage function
Suspicious parameter values in application logs

Network Indicators:

SQL keywords in HTTP POST/GET parameters
Unusual database connection patterns

SIEM Query:

source="web_logs" AND ("UNION" OR "SELECT" OR "INSERT" OR "DELETE") AND uri="*findPage*"

📊 Metadata

CVE ID: CVE-2024-35084

CVSS v3 Score: 9.8 (CRITICAL)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-89

Published: May 23, 2024

Last Updated: April 16, 2025

🔗 References

https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/35084.txt Third Party Advisory
https://www.j2eefast.com/ Product
https://github.com/cxcxcxcxcxcxcxc/cxcxcxcxcxcxcxc/blob/main/cxcxcxcxcxc/about-2024/35084.txt Third Party Advisory
https://www.j2eefast.com/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-35084, you might also want to check these: