CVE-2024-43774

8.8 HIGH

📋 TL;DR

This SQL injection vulnerability in Easytest Online Test Platform allows authenticated attackers to execute arbitrary SQL commands via the uid parameter in the download personal learning course function. Attackers could potentially read, modify, or delete database content, affecting all users of version 24E01 and earlier.

💻 Affected Systems

Products:
  • Easytest Online Test Platform
Versions: 24E01 and earlier
Operating Systems: Any OS running the platform
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access to exploit the vulnerable function.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete database compromise: exfiltration of every table the application account can read, escalation to platform administrator by altering account or role data, and, depending on the database engine and the privileges of the application's database account, code execution through engine features such as file writes or command-executing procedures.

🟠

Likely Case

Data theft of user information, test results, and potentially authentication credentials stored in the database.

🟢

If Mitigated

Once the vulnerable query binds uid as a parameter (and validates it as numeric), the injection is closed and an authenticated user can reach only the course records the application intends to expose to them.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

SQL injection via uid parameter requires authenticated access but is straightforward to exploit once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

  1. Contact the vendor for a patched version.
  2. If a patch is available, download and install it.
  3. Test the download function after the update.

🔧 Temporary Workarounds

Input Validation Filter (all affected versions)

Implement server-side validation that restricts the uid parameter to its expected format (for example, digits only) and rejects anything else before it reaches the query.

WAF Rule (all affected versions)

Deploy web application firewall rules that block SQL injection patterns in the uid parameter; match on the URL-decoded value so that encoded variants are caught, and treat this as a stopgap only, since signature-based rules can be bypassed.

🧯 If You Can't Patch

  • Disable the download personal learning course function entirely (for example by blocking its URL at the reverse proxy) until a patched build is available
  • Enforce at the proxy or WAF that uid is numeric only and alert on any request where it is not; parameterized queries close the hole at the source, but that is a change to the platform's code rather than a site-level workaround

🔍 How to Verify

Check if Vulnerable:

With written authorization, log in as an ordinary user and send a pair of requests to the download function that differ only in an appended boolean condition (for example `1001' AND '1'='1` versus `1001' AND '1'='2`, where 1001 stands for your own user id); a difference in the response size or content shows the value reached the SQL parser. A raw `' OR '1'='1` probe also works but may return every user's records, so prefer the boolean pair. The absence of a visible SQL error does not prove the parameter is safe.

Check Version:

Check platform version in admin panel or configuration files

Verify Fix Applied:

Confirm with the vendor, or by code review where the source is available, that the function binds uid as a query parameter and rejects non-numeric values; then repeat the boolean probe. The paired requests must now return identical results (or both be rejected), and the injected value should show up in logs as rejected rather than executed.
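To make the workaround and the verification step concrete, here is an added Python example (not code from Easytest or from this advisory) that places a concatenated query of the kind the advisory describes beside a hardened one and runs the boolean probe against both. The table name, column names, file paths and sample rows are constructed for the demo; only the uid parameter comes from the advisory, and the real platform's database layer may differ.

```python
import re
import sqlite3


def make_db():
    """Constructed in-memory stand-in for the platform's course table.
    Table, columns and rows are assumptions made for this demo."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE learning_course (uid INTEGER, course TEXT, file_path TEXT);
        INSERT INTO learning_course VALUES (1001, 'Safety 101', '/files/1001/safety.pdf');
        INSERT INTO learning_course VALUES (1002, 'Ethics',     '/files/1002/ethics.pdf');
        INSERT INTO learning_course VALUES (1003, 'Compliance', '/files/1003/comp.pdf');
    """)
    return conn


def download_vulnerable(conn, uid):
    """The pattern the advisory describes: uid spliced into the SQL text."""
    sql = "SELECT course, file_path FROM learning_course WHERE uid = '" + uid + "'"
    return conn.execute(sql).fetchall()


UID_RE = re.compile(r"[0-9]{1,10}")


def download_fixed(conn, uid):
    """Hardened version: allow-list the format first, then bind the value."""
    if not UID_RE.fullmatch(uid):
        raise ValueError("uid must be 1-10 digits")
    sql = "SELECT course, file_path FROM learning_course WHERE uid = ?"
    return conn.execute(sql, (int(uid),)).fetchall()


def fixed_rejects(conn, uid):
    """True if the hardened handler refuses the value before querying."""
    try:
        download_fixed(conn, uid)
    except ValueError:
        return True
    return False


def is_injectable(conn, handler, base_uid="1001"):
    """Boolean-based probe: append a true and a false condition to the same uid.
    The two results differ only if the input is parsed as SQL."""
    try:
        true_rows = handler(conn, base_uid + "' AND '1'='1")
        false_rows = handler(conn, base_uid + "' AND '1'='2")
    except ValueError:
        return False  # rejected before reaching the database
    return true_rows != false_rows


if __name__ == "__main__":
    conn = make_db()
    print("own rows:", download_vulnerable(conn, "1001"))
    print("injected:", download_vulnerable(conn, "' OR '1'='1"))
    print("vulnerable handler injectable:", is_injectable(conn, download_vulnerable))
    print("fixed handler injectable:", is_injectable(conn, download_fixed))
```

The hardened handler still takes uid from the caller. In the real application the user id should come from the authenticated session rather than from the request; otherwise a parameterized query only turns the SQL injection into a direct object reference to other users' course files.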

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL errors in application logs
  • Multiple failed download attempts with malformed uid parameters
  • UID parameter containing SQL keywords

Network Indicators:

  • HTTP requests to download function with SQL injection patterns in parameters

SIEM Query:

source="web_logs" AND (uri="*download*" OR uri="*personal*learning*") AND (param="*uid=*OR*" OR param="*uid=*UNION*" OR param="*uid=*SELECT*" OR param="*uid=*%27*" OR param="*uid=*%20OR%20*")

Two caveats when tuning this: match on the URL-decoded value where the SIEM supports it, because `%27` and `%20OR%20` variants slip past the plain-text terms, and anchor keywords on word boundaries (or simply alert on any non-numeric uid), because a bare `*OR*` wildcard matches benign substrings.
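As an added example (constructed here, not a detection shipped with the platform or with this page), the following Python scanner applies the log indicators above to a few made-up access-log lines: it restricts itself to the download endpoint, URL-decodes the uid value twice to unwrap double-encoding, and flags values that are either non-numeric or contain quote characters or whole-word SQL keywords. The endpoint path /course/download and every log line are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed access-log lines in combined format. The path /course/download
# is an assumption; the advisory does not name the real endpoint.
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/Sep/2024:10:00:01 +0800] "GET /course/download?uid=1001 HTTP/1.1" 200 5120',
    '10.0.0.5 - - [01/Sep/2024:10:00:07 +0800] "GET /course/download?uid=1001%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 98304',
    '10.0.0.9 - - [01/Sep/2024:10:01:13 +0800] "GET /course/download?uid=1002%27%20UNION%20SELECT%20username%2Cpassword%20FROM%20users-- HTTP/1.1" 500 0',
    '10.0.0.9 - - [01/Sep/2024:10:01:20 +0800] "GET /course/download?uid=1002%2527%2520AND%25201%253D1 HTTP/1.1" 200 5120',
    '10.0.0.7 - - [01/Sep/2024:10:02:00 +0800] "GET /course/download?uid=2003 HTTP/1.1" 200 4096',
    '10.0.0.7 - - [01/Sep/2024:10:02:30 +0800] "GET /index.php?page=oracle HTTP/1.1" 200 2048',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Quote and comment characters plus whole-word SQL keywords; the \b anchors
# keep a value like "oracle" from matching OR.
SQL_TOKEN_RE = re.compile(
    r"""(?i)(['"]|--|/\*|#|\b(?:or|and|union|select|sleep|waitfor|benchmark)\b)"""
)
DOWNLOAD_PATH = "/course/download"   # assumed endpoint
UID_OK_RE = re.compile(r"[0-9]{1,10}")  # the only shape a uid should ever have


def decode_param(raw):
    """parse_qs already decoded once; decode again to unwrap %25xx double-encoding."""
    return unquote_plus(raw)


def inspect_line(line):
    """Return an alert dict for a suspicious uid on the download endpoint, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = urlsplit(m["target"])
    if target.path != DOWNLOAD_PATH:
        return None
    for raw in parse_qs(target.query, keep_blank_values=True).get("uid", []):
        uid = decode_param(raw)
        reasons = []
        if not UID_OK_RE.fullmatch(uid):
            reasons.append("non-numeric uid")
        if SQL_TOKEN_RE.search(uid):
            reasons.append("sql tokens in uid")
        if reasons:
            return {"ip": m["ip"], "ts": m["ts"], "status": m["status"],
                    "uid": uid, "reasons": reasons}
    return None


def scan(lines):
    """All alerts raised over an iterable of log lines, in log order."""
    return [a for a in (inspect_line(l) for l in lines) if a]


def offenders(alerts):
    """Source addresses ranked by the number of suspicious uid values they sent."""
    return Counter(a["ip"] for a in alerts)


if __name__ == "__main__":
    found = scan(SAMPLE_LOGS)
    for a in found:
        print(a["ts"], a["ip"], a["status"], repr(a["uid"]), ", ".join(a["reasons"]))
    print("by source:", dict(offenders(found)))
```

Pairing the "non-numeric uid" reason with the HTTP status is useful in triage: a 500 alongside an injected value points at an error the application surfaced, while a 200 with an unusually large response body on the same line is the pattern to expect when the injection succeeded.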
