CVE-2024-7099

netease-youdao/qanything version 1.4.1 contains a vulnerability where unsafe data obtained from user input is concatenated in SQL queries, leading to SQL injection. The affected functions include `get_knowledge_base_name`, `from_status_to_status`, `delete_files`, and `get_file_by_status`. An attacker can exploit this vulnerability to execute arbitrary SQL queries, potentially stealing information from the database. The issue is fixed in version 1.4.2.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector : AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/netease-youdao/qanything/commit/a87354f09d93e95350fb45eb343dc75454387554
https://huntr.com/bounties/bc98983e-06cc-4a4b-be01-67e5010cb2c1

Configurations

No configuration.

History

15 Oct 2024, 12:57

Type	Values Removed	Values Added
Summary		(es) La versión 1.4.1 de netease-youdao/qanything contiene una vulnerabilidad en la que los datos no seguros obtenidos de la entrada del usuario se concatenan en consultas SQL, lo que provoca una inyección SQL. Las funciones afectadas incluyen `get_knowledge_base_name`, `from_status_to_status`, `delete_files` y `get_file_by_status`. Un atacante puede aprovechar esta vulnerabilidad para ejecutar consultas SQL arbitrarias, lo que podría robar información de la base de datos. El problema se solucionó en la versión 1.4.2.

13 Oct 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-13 21:15

Updated : 2024-10-15 12:57

NVD link : CVE-2024-7099

Mitre link : CVE-2024-7099

CVE.ORG link : CVE-2024-7099

JSON object : View

Products Affected

No product.

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

9.8 /10