High-Severity SQL Injection Vulnerability Found in Casdoor IAM/SSO Platform

Casdoor's query API has a critical flaw. Attackers can exploit it using XPATH functions. Upgrade now to stay secure.

A high-severity SQL Injection vulnerability, CVE-2022-24124, has been discovered in Casdoor, an Identity and Access Management (IAM) and Single-Sign-On (SSO) platform. The issue was reported on Jan 22, 2022, and affects versions before 1.13.1.

The vulnerability, discovered by cybersecurity researcher Chaitanya K., exists in the query API and is caused by insufficient input validation. It allows skilled attackers to exploit the system by injecting XPath functions such as UpdateXML() or ExtractValue() into the field parameter. Organizations using vulnerable versions are advised to upgrade to 1.13.1 or later to remediate the issue.
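The bug class described above and one way to close it, as an added example that is not Casdoor's code or its actual patch: the `users` table, the column map and the function names are assumptions, and the inputs are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// columns maps client-facing field names to real column names (hypothetical
// schema). Client text is only ever used as a lookup key, never as SQL.
var columns = map[string]string{
	"name":        "name",
	"owner":       "owner",
	"displayName": "display_name",
}

var ErrBadField = errors.New("unknown search field")

// UnsafeSearch shows the bug class: field is pasted into the statement, so
// whatever the client sends is parsed by the database as SQL.
func UnsafeSearch(field, value string) string {
	return fmt.Sprintf("SELECT * FROM users WHERE %s LIKE '%%%s%%'", field, value)
}

// SafeSearch resolves field through the allowlist and binds value as a
// parameter, so neither input can change the statement's structure.
func SafeSearch(field, value string) (string, []interface{}, error) {
	col, ok := columns[field]
	if !ok {
		return "", nil, ErrBadField
	}
	// Escape LIKE wildcards so the value is matched literally.
	esc := strings.NewReplacer(`\`, `\\`, `%`, `\%`, `_`, `\_`).Replace(value)
	return "SELECT * FROM users WHERE `" + col + "` LIKE ?", []interface{}{"%" + esc + "%"}, nil
}

func main() {
	// Constructed inputs; the second stands in for a function call in field.
	for _, f := range []string{"displayName", "extractvalue(1,1)"} {
		q, args, err := SafeSearch(f, "50%_off")
		fmt.Printf("field=%q\n  unsafe: %s\n  safe:   %q %v err=%v\n",
			f, UnsafeSearch(f, "x"), q, args, err)
	}
}
```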

Qualys Web Application Scanning has released a new QID (150470) to detect this vulnerability. The CVSS V3 score for this vulnerability is 7.5. A simple proof of concept is publicly available, making exploitation easier. Qualys has also developed a PoC exploit that bypasses the limited character output restriction and dumps entire file contents.

In summary, Casdoor versions below 1.13.1 are vulnerable to a high-severity SQL Injection attack. Organizations are urged to upgrade to the patched version to mitigate the risk. The vulnerability has a CVSS V3 score of 7.5 and can be exploited using publicly available PoC exploits.
