HomePentest-Tools.com Logo

Moveit Transfer - SQLi (CVE-2023-34362)

Severity
CVSSv3 Score
9.8
Vulnerability description

Moveit Transfer server is vulnerable to CVE-2023-34362, a SQL injection vulnerability that can be leveraged to achieve Remote Code Execution, affecting the /MOVEitISAPI/MOVEitISAPI.dll endpoint. The root cause of this vulnerability is improper sanitization of user-provided input inside the X-siLock-SessVar headers. This vulnerability allows an unauthenticated remote attacker to interact with the underlying MySQL database in order to control metadata regarding the sysadmin user which gives them access to the admin API which ultimately leads to Remote Code Execution.

Risk description

The risk exists that an unauthenticated remote attacker could leverage the SQL Injection vulnerability to gain control of the admin API in order to gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.

Recommendation

Update the Moveit Transfer server to one of the currently fixed versions: 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2).

Codename
Not available
Detectable with
Network Scanner
Exploitable with Sniper
No
Vuln date
Jun 2023
Published at
Updated at
Software Type
Managed File Transfer
Vendor
Ipswitch
Product
Moveit Transfer