CVE-2024-6729
📋 TL;DR
This critical SQL injection vulnerability in SourceCodester Kortex Lite Advocate Office Management System 1.0 allows remote attackers to execute arbitrary SQL commands via the 'aname' parameter in /control/add_act.php. This could lead to unauthorized data access, modification, or deletion. Organizations using this specific software version are affected.
💻 Affected Systems
- SourceCodester Kortex Lite Advocate Office Management System 1.0 (the only version named in the advisory)
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the application database: theft or destruction of client, case and user records, escalation to the application's administrative role through stolen or rewritten user rows, and server takeover if the database account also holds file-write (FILE) or similar privileges.
Likely Case
Unauthorized access to sensitive client and case data, manipulation of legal records, and potential data exfiltration.
If Mitigated
Limited impact where the query is parameterised and the application's database account is restricted to the tables it needs: at most error messages or minor data exposure.
🎯 Exploit Status
Exploit details are publicly disclosed (see the VulDB entry in the references), and SQL injection is a well-understood attack class with mature automated tooling such as sqlmap, so exploitation requires little skill.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown (no fixed version has been published)
Vendor Advisory: https://www.sourcecodester.com/
Restart Required: No
Instructions:
1. Check the vendor website for a security update to this project.
2. If no patch is available, apply the workarounds below; at minimum, parameterise the query in /control/add_act.php.
3. Consider replacing the software, since no maintained release or fixed version has been published for this project.
🔧 Temporary Workarounds
Input Validation Filter
Add parameter validation in /control/add_act.php so the 'aname' value can no longer alter the query. The minimal change is:
$aname = mysqli_real_escape_string($connection, $_POST['aname']);
Caveat: escaping only protects a value that the query places inside a quoted string literal, and it still leaves the query built by string concatenation. The proper fix is a prepared statement with the value bound as a parameter; treat the escape call as a stopgap, and reject non-string (array) input and over-long values as well.
Web Application Firewall
Deploy a WAF with SQL injection rules in front of the application and, where possible, restrict /control/ to trusted source addresses. WAF signatures reduce exposure but can be bypassed by obfuscated payloads; they do not replace the code fix.
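The fix the workaround above points at, as an added example that is not code from this page or from the Kortex Lite project: the actual /control/add_act.php source is not reproduced here, so the "before" handler is an assumed reconstruction of the pattern the CVE describes (the raw 'aname' POST value spliced into a query), and the table and column names (acts.act_name), the $connection variable and the connection details are all assumptions. The "after" handler shows the prepared-statement form that makes escaping unnecessary.

```php
<?php
declare(strict_types=1);

// Added example, not the project's own code. The vulnerable handler below is an
// assumed reconstruction of the pattern described for CVE-2024-6729; the table
// name "acts", column "act_name" and the $connection variable are assumptions.

// BEFORE (assumed vulnerable pattern): the untrusted value is interpolated
// straight into the SQL text, so the parser cannot tell data from code.
function add_act_vulnerable(mysqli $connection, array $post): bool
{
    $aname = $post['aname'];                                   // untrusted
    $sql   = "INSERT INTO acts (act_name) VALUES ('$aname')";
    // aname = x' OR SLEEP(5) --  turns the literal into an expression that
    // MySQL evaluates (time-based blind injection), with no visible output.
    return (bool) mysqli_query($connection, $sql);
}

// AFTER: prepared statement plus shape validation. mysqli_real_escape_string()
// only protects a value that sits inside a quoted string literal; binding the
// value as a parameter removes the ambiguity for every context.
function add_act_hardened(mysqli $connection, array $post): bool
{
    $aname = $post['aname'] ?? null;
    if (!is_string($aname)) {                 // aname[]=x arrives as an array
        return false;
    }
    $aname = trim($aname);
    // Validate shape (non-empty, bounded length), not SQL keywords: a keyword
    // blocklist is not a fix and breaks legitimate names such as "Sale Order".
    if ($aname === '' || strlen($aname) > 100) {
        return false;
    }

    $stmt = mysqli_prepare($connection, 'INSERT INTO acts (act_name) VALUES (?)');
    if ($stmt === false) {
        return false;                          // never echo mysqli_error() to the client
    }
    mysqli_stmt_bind_param($stmt, 's', $aname); // value travels separately from the SQL text
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    return $ok;
}

// Example wiring; host, credentials and database name are placeholders.
// $connection = mysqli_connect('localhost', 'kortex', 'secret', 'kortex_lite');
// if (add_act_hardened($connection, $_POST)) {
//     header('Location: acts.php');
// } else {
//     http_response_code(400);
// }
```

The validation step is deliberately about shape rather than content: once the statement is prepared, a value containing quotes or SQL keywords is stored as an ordinary string, so the length and type checks exist to limit abuse of the field, not to detect injection.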
🧯 If You Can't Patch
- Isolate the system behind a firewall with strict access controls
- Implement network segmentation to limit database server access
🔍 How to Verify
Check if Vulnerable:
With authorisation, send a POST to /control/add_act.php with a single quote appended to the 'aname' value and compare the response with that for a benign value; a database error, a changed response, or a delay with a time-based payload indicates injection. Because the endpoint writes to the database, test against a non-production copy.
Check Version:
Check the software version in the admin panel or configuration files, or examine the source code for version indicators.
Verify Fix Applied:
Repeat the same requests and confirm that the value is either stored verbatim or rejected, without a database error, and that a time-based payload no longer delays the response.
📡 Detection & Monitoring
Log Indicators:
- SQL syntax errors in the PHP or web server error log that reference /control/add_act.php
- Bursts of POST requests to /control/add_act.php from one client, especially with scanner user-agents
- Database query errors containing fragments of SQL syntax
Network Indicators:
- SQL keywords, quote characters or comment sequences in the 'aname' field of POST requests to /control/add_act.php (visible only to a WAF or proxy that inspects request bodies)
- Response-time spikes for /control/add_act.php, a sign of time-based blind injection
SIEM Query:
source="web_server_logs" AND uri="/control/add_act.php" AND (message="*sql*" OR message="*syntax*" OR message="*database*")
(Splunk-style pseudo-query: use wildcards or a contains operator, since an exact match on message="sql" will never fire, and adjust the field names to your log source.)
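The log and network indicators above, worked through as an added example that is not part of the original page: it correlates POST requests to /control/add_act.php in the web server access log with SQL error messages in the error log from the same client, and flags scanner user-agents. All log lines are constructed (made-up IPs, times and PIDs). It assumes the Apache "combined" access-log format, the Apache 2.4 default error-log format (which carries a [client ip:port] field), and both logs written in the same time zone (UTC here).

```php
<?php
declare(strict_types=1);

// Added example, not part of the original page. Sample lines are constructed:
// Apache combined access log and Apache 2.4 error log with PHP warnings.
$accessLog = <<<'LOG'
203.0.113.5 - - [11/Oct/2024:14:32:52 +0000] "POST /control/add_act.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [11/Oct/2024:14:33:10 +0000] "GET /control/index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.5 - - [11/Oct/2024:14:32:53 +0000] "POST /control/add_act.php HTTP/1.1" 200 498 "-" "sqlmap/1.8"
198.51.100.9 - - [11/Oct/2024:14:40:00 +0000] "POST /control/add_act.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
LOG;

$errorLog = <<<'LOG'
[Fri Oct 11 14:32:52.481233 2024] [php:warn] [pid 2210] [client 203.0.113.5:51234] PHP Warning:  mysqli_query(): You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near ''' at line 1 in /var/www/html/control/add_act.php on line 12
[Fri Oct 11 14:35:01.002000 2024] [php:notice] [pid 2211] [client 198.51.100.7:51900] PHP Notice:  Undefined index: foo in /var/www/html/control/index.php on line 3
LOG;

// Parse one combined-format access line into ip, epoch time, method, path, UA.
function parseAccessLine(string $line): ?array
{
    $re = '/^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    $ts = DateTimeImmutable::createFromFormat('d/M/Y:H:i:s O', $m[2]);
    return $ts === false ? null : [
        'ip' => $m[1], 'ts' => $ts->getTimestamp(), 'when' => $m[2],
        'method' => $m[3], 'uri' => strtok($m[4], '?'), 'ua' => $m[6],
    ];
}

// Parse one Apache 2.4 error line into client ip, epoch time and message.
function parseErrorLine(string $line): ?array
{
    $re = '/^\[([^\]]+)\] \[\w+:\w+\] \[pid \d+\] \[client ([\d.]+):\d+\] (.*)$/';
    if (!preg_match($re, $line, $m)) {
        return null;
    }
    // Apache pads single-digit days with two spaces ("Oct  1"); collapse them.
    $stamp = preg_replace('/ {2,}/', ' ', $m[1]);
    $ts = DateTimeImmutable::createFromFormat('D M d H:i:s.u Y', $stamp, new DateTimeZone('UTC'));
    return $ts === false ? null : ['ip' => $m[2], 'ts' => $ts->getTimestamp(), 'msg' => $m[3]];
}

// Flag POSTs to the vulnerable endpoint that have a SQL error from the same
// client within $window seconds, or that carry a scanner user-agent.
function findSqliAttempts(string $accessLog, string $errorLog, int $window = 5): array
{
    $sqlErrors = [];
    foreach (explode("\n", trim($errorLog)) as $line) {
        $e = parseErrorLine($line);
        if ($e !== null && preg_match('/SQL syntax|mysqli_|SQLSTATE/i', $e['msg'])) {
            $sqlErrors[] = $e;
        }
    }

    $alerts = [];
    foreach (explode("\n", trim($accessLog)) as $line) {
        $a = parseAccessLine($line);
        if ($a === null || $a['method'] !== 'POST' || $a['uri'] !== '/control/add_act.php') {
            continue;
        }
        $reasons = [];
        if (preg_match('/sqlmap|havij|nikto/i', $a['ua'])) {
            $reasons[] = 'scanner user-agent: ' . $a['ua'];
        }
        foreach ($sqlErrors as $e) {
            if ($e['ip'] === $a['ip'] && abs($e['ts'] - $a['ts']) <= $window) {
                $reasons[] = "SQL error from same client within {$window}s";
                break;
            }
        }
        if ($reasons !== []) {
            $alerts[] = ['ip' => $a['ip'], 'when' => $a['when'], 'reasons' => $reasons];
        }
    }
    return $alerts;
}

// On the constructed data this prints two alerts, both for 203.0.113.5;
// the 14:40:00 POST from 198.51.100.9 has no error and no scanner UA.
foreach (findSqliAttempts($accessLog, $errorLog) as $alert) {
    printf("%s %s: %s\n", $alert['when'], $alert['ip'], implode('; ', $alert['reasons']));
}
```

One caveat when deploying this: if the application prints database errors into the HTTP response instead of logging them (common in small PHP applications with display_errors on), the error-log half of the correlation stays empty, and the user-agent and request-rate signals are what remain; switching display_errors off and log_errors on restores the log signal and stops leaking query text to the attacker.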
🔗 References
- https://reports.kunull.net/CVEs/2024/CVE-2024-6729
- https://vuldb.com/?ctiid.271402
- https://vuldb.com/?id.271402
- https://vuldb.com/?submit.373488
- https://www.sourcecodester.com/
- https://reports-kunull.vercel.app/CVE%20research/2024/cve-2024-6729