CVE-2024-57098

9.8 CRITICAL

📋 TL;DR

Moss v0.1.3 contains an SQL injection vulnerability in the order parameter that allows attackers to execute arbitrary SQL commands. This affects all systems running the vulnerable version of Moss. Attackers could potentially access, modify, or delete database content.

💻 Affected Systems

Products:
  • Moss
Versions: v0.1.3
Operating Systems: all
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Moss v0.1.3; earlier versions may also be vulnerable but not confirmed.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including data theft, data destruction, and potential remote code execution if database functions allow it.

🟠 Likely Case

Unauthorized data access and potential data manipulation through SQL injection.

🟢 If Mitigated

Limited impact with proper input validation and parameterized queries in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

SQL injection in the order parameter suggests straightforward exploitation with common SQLi techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: unknown

Vendor Advisory: https://github.com/deep-project/moss/issues/13

Restart Required: Yes

Instructions:

1. Monitor the GitHub issue for a patch release.
2. Update to the patched version when available.
3. Restart the Moss service after the update.

🔧 Temporary Workarounds

Input Validation Filter

all

Add strict input validation for the order parameter so that only expected values are accepted.

Implement the validation in source code so that the order parameter is restricted to a fixed set of safe values.
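The allowlist approach described in this workaround, as an added example that is not Moss's own code: an ORDER BY target cannot be bound as a query parameter, so the only robust fix is to map the client-supplied order value onto a fixed set of column identifiers and directions and reject everything else. The column names in the map are assumptions for illustration, not Moss's real schema.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// Allowlist of order keys a client may send, mapped to the exact column
// identifiers used in SQL. The column names are assumptions for this
// example, not Moss's real schema.
var orderColumns = map[string]string{
	"id":         "id",
	"created_at": "created_at",
	"name":       "name",
}

var directions = map[string]string{"asc": "ASC", "desc": "DESC"}
var ErrBadOrder = errors.New("order parameter not in allowlist")

// SafeOrderClause turns an untrusted order value such as "created_at desc"
// into an ORDER BY clause built only from allowlisted identifiers. ORDER BY
// targets cannot be bound as query parameters, so an allowlist, not escaping
// or keyword filtering, is the right defence for this parameter.
func SafeOrderClause(raw string) (string, error) {
	parts := strings.Fields(strings.ToLower(raw))
	if len(parts) == 0 || len(parts) > 2 {
		return "", ErrBadOrder
	}
	col, ok := orderColumns[parts[0]]
	if !ok {
		return "", ErrBadOrder
	}
	dir := "ASC"
	if len(parts) == 2 {
		if dir, ok = directions[parts[1]]; !ok {
			return "", ErrBadOrder
		}
	}
	return fmt.Sprintf("ORDER BY %s %s", col, dir), nil
}

func main() {
	// Constructed inputs: two legitimate values and two injection-shaped ones.
	for _, in := range []string{"name", "created_at DESC", "id; DROP TABLE items--", "name asc,(SELECT 1)"} {
		clause, err := SafeOrderClause(in)
		fmt.Printf("%-26q -> %q err=%v\n", in, clause, err)
	}
}
```

Only the returned clause is ever concatenated into the query; the WHERE values of the same query should still go through bound parameters.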

WAF Rule

all

Deploy web application firewall rules to block SQL injection attempts.

Configure the WAF to detect and block SQL injection patterns in the order parameter.

🧯 If You Can't Patch

  • Implement strict input validation and parameterized queries in application code.
  • Deploy network segmentation to limit database access and use database firewall rules.

🔍 How to Verify

Check if Vulnerable:

Check if running Moss v0.1.3 by examining version information in application or configuration files.

Check Version:

Check application logs, configuration files, or run 'moss --version' if available.

Verify Fix Applied:

Test order parameter with SQL injection payloads after implementing fixes to ensure they are blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL queries in database logs
  • Multiple failed login attempts or parameter manipulation attempts in application logs

Network Indicators:

  • SQL keywords in HTTP parameters
  • Unusual database connection patterns

SIEM Query:

search 'order' AND ('UNION' OR 'SELECT' OR 'INSERT' OR 'DELETE' OR 'UPDATE' OR 'OR' OR 'AND') in web logs

🔗 References
