Moveit Transfer - SQLi (CVE-2023-34362)
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
Moveit Transfer server is vulnerable to CVE-2023-34362, a SQL injection vulnerability that can be leveraged to achieve Remote Code Execution, affecting the
/MOVEitISAPI/MOVEitISAPI.dll
endpoint. The root cause of this vulnerability is improper sanitization of user-provided input inside the X-siLock-SessVar headers. This vulnerability allows an unauthenticated remote attacker to interact with the underlying MySQL database in order to control metadata regarding thesysadmin
user which gives them access to the admin API which ultimately leads to Remote Code Execution.- Risk description
The risk exists that an unauthenticated remote attacker could leverage the SQL Injection vulnerability to gain control of the admin API in order to gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.
- Recommendation
Update the Moveit Transfer server to one of the currently fixed versions: 2021.0.7 (13.0.7), 2021.1.5 (13.1.5), 2022.0.5 (14.0.5), 2022.1.6 (14.1.6), and 2023.0.2 (15.0.2).
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- No
- Vuln date
- Jun 2023
- Published at
- Updated at
- Software Type
- Managed File Transfer
- Vendor
- Ipswitch
- Product
- Moveit Transfer