CVE-2023-3047
Description
SQL injection in TMT Lockcell before version 15 allows unauthenticated attackers to execute arbitrary SQL commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability exists in TMT Lockcell versions prior to 15 [1]. The flaw occurs when user-supplied input is not properly sanitized before being used in SQL queries, allowing an attacker to inject malicious SQL statements. All versions before 15 are affected.
Exploitation
An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable endpoint without requiring any authentication or user interaction [1]. The CVSS v3 base score of 9.8 indicates the attack vector is network-based, with low complexity and no privileges required. The attacker simply needs to inject SQL commands into input fields or parameters that are passed directly to the database.
Impact
Successful exploitation allows the attacker to execute arbitrary SQL commands on the backend database [1]. This can lead to unauthorized access to sensitive data, modification or deletion of database contents, and potentially full compromise of the application and underlying server. The impact on confidentiality, integrity, and availability is rated as high.
Mitigation
The vulnerability is fixed in version 15 of TMT Lockcell [1]. Users should upgrade to version 15 or later immediately. If upgrading is not possible, implement strict input validation and use parameterized queries or prepared statements to prevent SQL injection. No other workarounds are documented in the available references.
AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products: 2
Patches: 0. No patches discovered yet.
References (2)
- fordefence.com/cve-2023-3047-tmt-lockcell-sql-injection/ (nvd: Exploit, Third Party Advisory)
- www.usom.gov.tr/bildirim/tr-23-0345 (nvd: Third Party Advisory)