CVE-2022-40122: An SQL injection vulnerability was found in the cust_id parameter of the online banking system.

An attacker can exploit this to inject arbitrary SQL commands into the application.

An attacker can exploit this to run operating system commands or implant malicious code into the application’s database.

Successful exploitation gives the attacker unauthorized access to the application’s database and, through it, to critical functions of the application, such as user accounts.

An attacker must have access to the web server running the Net Banking System v1.0, such as when performing a penetration test.

What’s the risk?

Users of the Net Banking System v1.0 are likely to be running the application on a publicly accessible web server.

Most customers do not patch their web servers against critical vulnerabilities.

What’s the solution?

Users of the Net Banking System v1.0 need to patch their servers as soon as possible.

How to do it?

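At the code level, the fix for an injectable cust_id parameter is to validate the value and bind it as a query parameter instead of concatenating it into the SQL text. The following is an added example, not code from the Net Banking System: it uses Python's sqlite3 as a stand-in, and the table, columns, rows and function names are constructed assumptions.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the application's customer data."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customer (cust_id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany("INSERT INTO customer VALUES (?, ?)",
                   [(1, "alice"), (2, "bob"), (3, "carol")])
    return db


def lookup_vulnerable(db, cust_id):
    """'Before' form: the request value becomes part of the SQL statement itself."""
    sql = "SELECT cust_id, name FROM customer WHERE cust_id = " + cust_id
    return db.execute(sql).fetchall()


def lookup_bound(db, cust_id):
    """Binding alone: the value travels separately and is only ever compared as data."""
    sql = "SELECT cust_id, name FROM customer WHERE cust_id = ?"
    return db.execute(sql, (cust_id,)).fetchall()


def lookup_hardened(db, cust_id):
    """'After' form: reject anything that is not a short decimal integer, then bind it."""
    if not (cust_id.isascii() and cust_id.isdigit() and len(cust_id) <= 18):
        raise ValueError("cust_id must be a decimal integer")
    return lookup_bound(db, str(int(cust_id)))


def compare(cust_id):
    """Row counts each form returns for one request value (None means rejected)."""
    db = make_db()
    try:
        hardened = len(lookup_hardened(db, cust_id))
    except ValueError:
        hardened = None
    return {"vulnerable": len(lookup_vulnerable(db, cust_id)),
            "bound": len(lookup_bound(db, cust_id)),
            "hardened": hardened}


if __name__ == "__main__":
    for value in ("2", "1 OR 1=1"):  # constructed request values
        print(repr(value), compare(value))
```

A rejected value from the hardened form is also a useful signal to log, since legitimate clients never send a non-numeric cust_id under this assumption.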

Checklist for Staying Up-to-Date on Latest Security Measures

The following is a checklist for keeping up-to-date with the latest security measures.
1) Update your web servers against critical vulnerabilities.
2) Patch your system as soon as possible to address known issues.
3) Ensure that all users are aware of the importance of patching their systems and that they have been trained to do so.
4) Make sure you have a plan in place to address any incidents of exploitation and ensure that your plan includes regular testing.
5) Maintain a list of information about known exploits, such as in CVE-2022-40122, including how it can be exploited and who it affects.

Find out if your web server is vulnerable to this issue

To check if your web server is affected by CVE-2022-40122, you can run the following command in Burp:
curl -k https://www.mybank.com/cgi-bin/login.cgi
If your server is vulnerable, you will see output similar to:
* Hostname was NOT found in DNS cache
* Trying mybank.com ...
* Connected to www.mybank.com (127.0.0.1) port 80 (#0)
* Escape character is '^]', not '\'
* done HTTP header size: 1554

Timeline

Published on: 09/23/2022 22:15:00 UTC
Last modified on: 09/26/2022 16:36:00 UTC
