CVE-2024-5523

CVSS score: 8.8 (HIGH)

📋 TL;DR

SQL injection in Astrotalks: the value of the 'searchString' parameter is used to build a database query without proper sanitization, so an authenticated local user can run arbitrary SQL against the backing database and retrieve the information it holds. The affected release is the build dated October 3, 2023. Organizations running Astrotalks should treat this high-severity issue as a priority patch.

💻 Affected Systems

Products:
  • Astrotalks
Versions: build dated October 3, 2023
Operating Systems: All platforms running Astrotalks
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated local user access to exploit

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of the database, including user records, stored authentication credentials and application configuration. Where the database account also has file-system or OS-level privileges, the injection becomes a path to full system takeover.

🟠 Likely Case

Unauthorized extraction of database contents by a user who already holds a valid account: other users' information, application data and configuration details.

🟢 If Mitigated

Limited impact where the query is parameterized, input is validated server-side, and the application's database account is restricted to the tables and operations it actually needs.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: No
Weaponized: Unknown
Unauthenticated Exploit: No (a valid account is required)
Complexity: LOW

Exploitation needs an authenticated account, but the injection itself is straightforward: the 'searchString' value reaches the SQL query unsanitized, so ordinary SQL injection techniques apply.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: any vendor release later than the October 3, 2023 build; confirm the exact fixed version against the advisory below

Advisory (INCIBE-CERT): https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-astrotalks

Restart Required: Yes

Instructions:

1. Check the current Astrotalks version (build date)
2. Update to the latest version from the official vendor
3. Restart the Astrotalks service
4. Verify the update took effect and re-test the 'searchString' parameter (see How to Verify)

🔧 Temporary Workarounds

Input Validation Filter (all platforms)

Implement server-side validation of the 'searchString' parameter as a stopgap until the patched build is deployed:

Rewrite the search query to use parameterized queries or stored procedures; this is the only change that actually removes the injection, since the input is then bound as data and never parsed as SQL
Add a server-side allowlist (permitted characters and a maximum length) for 'searchString'; a regex that merely strips SQL special characters both breaks legitimate input such as names containing apostrophes and is routinely bypassed, so treat it as a temporary filter, not a fix
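The two workaround items above are easiest to see side by side. The following is an added example, not Astrotalks' own code and not taken from the advisory: a minimal in-memory search endpoint that splices 'searchString' into the SQL text (the vulnerable pattern), next to the same search written with a bound parameter. The table and column names, the sample rows and the two payloads are all constructed for this demonstration; only the parameter name comes from the advisory.

```python
import sqlite3

# Constructed in-memory stand-in for the application's database. Astrotalks'
# real schema is not on this page; the table and column names are assumptions.
TALKS = [
    (1, "Mercury retrograde explained", "public"),
    (2, "Venus in Pisces", "public"),
    (3, "Internal admin notes", "private"),
]
USERS = [(1, "admin", "$2b$12$constructed-hash-value")]


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE talks (id INTEGER PRIMARY KEY, title TEXT, visibility TEXT)")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO talks VALUES (?, ?, ?)", TALKS)
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", USERS)
    return conn


def search_vulnerable(conn, search_string):
    """Pattern behind a 'searchString' SQL injection: the raw parameter is
    spliced into the SQL text, so a quote in the input closes the string
    literal and everything after it is parsed as SQL."""
    sql = (
        "SELECT id, title FROM talks WHERE visibility = 'public' "
        "AND title LIKE '%" + search_string + "%'"
    )
    return conn.execute(sql).fetchall()


def _escape_like(value):
    # LIKE wildcards are a separate issue from injection: escape them so a
    # user cannot turn '%' or '_' into match-everything patterns.
    return value.replace("\\", "\\\\").replace("%", "\\%").replace("_", "\\_")


def search_parameterized(conn, search_string):
    """Hardened form: the value is bound as a parameter, so the database
    engine receives it as data and never re-parses it as SQL."""
    sql = (
        "SELECT id, title FROM talks WHERE visibility = 'public' "
        "AND title LIKE ? ESCAPE '\\'"
    )
    return conn.execute(sql, ("%" + _escape_like(search_string) + "%",)).fetchall()


# Two constructed payloads in the standard injection shapes: a tautology that
# widens the WHERE clause, and a UNION that pulls rows from another table.
PAYLOAD_TAUTOLOGY = "%' OR 1=1 --"
PAYLOAD_UNION = "x' UNION SELECT id, username || ':' || password_hash FROM users --"


def compare(search_string):
    """Run one input through both implementations; return the rows each yields."""
    conn = build_db()
    try:
        return {
            "vulnerable": search_vulnerable(conn, search_string),
            "parameterized": search_parameterized(conn, search_string),
        }
    finally:
        conn.close()


if __name__ == "__main__":
    for label, value in [("normal", "Venus"), ("tautology", PAYLOAD_TAUTOLOGY), ("union", PAYLOAD_UNION)]:
        result = compare(value)
        print(f"{label:10} vulnerable    = {result['vulnerable']}")
        print(f"{'':10} parameterized = {result['parameterized']}")
```

With a normal term both functions return the same row. With the tautology payload the vulnerable query returns every row, including the private one, because the comment sequence discards the closing quote; with the UNION payload it returns the credential row from the users table. The parameterized query returns nothing for either payload, since the whole string is matched as a literal search term. That is also why a post-patch test should expect "no results" rather than an explicit rejection.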

Database Permission Restriction (all platforms)

Limit the application's database account to the minimum access it needs. This does not stop the injection, but it bounds what a successful one can read or change:

REVOKE privileges the application does not use (DROP, ALTER, FILE and similar) from the application database user
GRANT only SELECT on the tables the search actually needs; if the deployment allows it, serve search from a separate read-only account that cannot read the credentials table

🧯 If You Can't Patch

  • Put a web application firewall (WAF) with SQL injection rules in front of Astrotalks; this raises the cost of exploitation but does not remove the flaw
  • Isolate the vulnerable system from sensitive networks and databases, and do not let its database account reach data beyond its own

🔍 How to Verify

Check if Vulnerable:

Treat any installation at the October 3, 2023 build as vulnerable. To confirm on a system you are authorized to test, log in as a low-privilege user and submit a pair of benign boolean probes to 'searchString' (the same term with a true condition and with a false condition appended); if the two result sets differ, the parameter is reaching the query unsanitized.

Check Version:

Check Astrotalks configuration or admin panel for version information

Verify Fix Applied:

After updating, repeat the same probe pair. A fixed build treats the whole input as a literal search term, so both probes return the same (usually empty) result, and quote or comment sequences in the input produce no database error.

📡 Detection & Monitoring

Log Indicators:

  • Unusual database query patterns originating from the application account (UNION clauses, comment sequences, queries touching tables the search never uses)
  • Multiple failed login attempts followed by a burst of search requests from the same account or address
  • SQL syntax errors in application logs tied to the search endpoint

Network Indicators:

  • Unusual SQL query patterns in database traffic, where that traffic is unencrypted or otherwise inspectable
  • Multiple search requests whose 'searchString' value carries quotes, comment sequences or SQL keywords

SIEM Query (pseudo-query; adapt to your SIEM's syntax):

source="astrotalks" AND (searchString CONTAINS "' OR" OR searchString CONTAINS "--" OR searchString CONTAINS ";")

Expect false positives from legitimate input such as names containing apostrophes; tune the rule to quote-plus-boolean sequences, "UNION SELECT" and trailing comment markers, and percent-decode the parameter before matching so encoded payloads are not missed.
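The SIEM pseudo-query above can be checked against real log lines before it is deployed. The following is an added example, not part of the original page: a small detector that parses web-server access logs, percent-decodes the 'searchString' parameter (repeatedly, to catch double encoding), and matches it against injection signatures that are tighter than a bare apostrophe or semicolon. The log lines, the /search path and the combined-log format are constructed assumptions; only the parameter name comes from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines (Apache combined style) for a hypothetical
# Astrotalks search endpoint. Two are ordinary searches containing an
# apostrophe, three are injection attempts, one of them double-encoded.
SAMPLE_LOG = """\
203.0.113.5 - alice [03/Oct/2023:12:00:01 +0000] "GET /search?searchString=Venus HTTP/1.1" 200 512
198.51.100.7 - bob [03/Oct/2023:12:00:05 +0000] "GET /search?searchString=O%27Brien HTTP/1.1" 200 402
198.51.100.7 - bob [03/Oct/2023:12:00:06 +0000] "GET /search?searchString=Mars%27+orbit HTTP/1.1" 200 388
203.0.113.5 - alice [03/Oct/2023:12:00:09 +0000] "GET /search?searchString=%25%27+OR+1%3D1+-- HTTP/1.1" 200 9812
203.0.113.5 - alice [03/Oct/2023:12:00:15 +0000] "GET /search?searchString=x%27+UNION+SELECT+id%2Cpassword_hash+FROM+users-- HTTP/1.1" 200 700
203.0.113.5 - alice [03/Oct/2023:12:00:21 +0000] "GET /search?searchString=%2527%2520OR%25201%253D1%2520-- HTTP/1.1" 200 9812
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]+" (?P<status>\d{3}) (?P<size>\d+)'
)

# Signatures keyed by name. A quote alone is deliberately not a rule: "O'Brien"
# and "Mars' orbit" must pass, while quote-then-boolean, UNION SELECT, stacked
# statements, trailing comments and timing functions are flagged.
RULES = [
    ("boolean_tautology", re.compile(r"""['"]\s*(?:or|and)\s+[\w'"]+\s*(?:=|like)""", re.I)),
    ("union_select", re.compile(r"\bunion\b(?:\s+all)?\s+select\b", re.I)),
    ("stacked_query", re.compile(r";\s*(?:select|insert|update|delete|drop|alter|exec)\b", re.I)),
    ("trailing_comment", re.compile(r"(?:--|#)\s*$|/\*")),
    ("time_based", re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|waitfor\s+delay", re.I)),
    ("schema_probe", re.compile(r"\b(?:information_schema|sqlite_master|sysobjects)\b", re.I)),
]


def deep_decode(value, max_rounds=3):
    """Percent-decode until the value stops changing, so %2527 -> %27 -> ' is caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def extract_search_strings(line):
    """Parse one log line; return its metadata plus every decoded searchString value."""
    m = LOG_RE.match(line)
    if not m:
        return None
    params = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
    values = [deep_decode(v) for v in params.get("searchString", [])]
    return {"ip": m.group("ip"), "user": m.group("user"), "ts": m.group("ts"), "values": values}


def classify(value):
    """Names of every rule that matches the decoded parameter value."""
    return [name for name, rx in RULES if rx.search(value)]


def scan_log(text):
    """Return one hit per flagged searchString value, in log order."""
    hits = []
    for line in text.splitlines():
        rec = extract_search_strings(line)
        if not rec:
            continue
        for value in rec["values"]:
            rules = classify(value)
            if rules:
                hits.append({"ip": rec["ip"], "user": rec["user"], "ts": rec["ts"],
                             "value": value, "rules": rules})
    return hits


def hits_per_user(hits):
    """Aggregate flagged requests by authenticated user, the pivot that matters here."""
    counts = {}
    for h in hits:
        counts[h["user"]] = counts.get(h["user"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        print(f"{h['ts']} user={h['user']} ip={h['ip']} rules={h['rules']} value={h['value']!r}")
    print("per user:", hits_per_user(found))
```

Because the issue requires an authenticated account, the useful pivot is the username in the log, not just the source address: a single account producing several flagged searches in a short window is the pattern to alert on, and the account itself is the first thing to suspend while the request bodies are reviewed.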

🔗 References

  • INCIBE-CERT advisory, "Multiple vulnerabilities in Astrotalks": https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-astrotalks