CVE-2017-11494
published 2017-08-02CVE-2017-11494: SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter…
PriorityP267critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
3.75%
88.5th percentile
SQL injection vulnerability in SOL.Connect ISET-mpp meter 1.2.4.2 and earlier allows remote attackers to execute arbitrary SQL commands via the user parameter in a login action.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sol-connect | sol.connect_iset-mpp_meter_firmware | — | — |
Detection & IOCsextracted from sources · hover to see the quote
commandaction=submit&origin=%2F_45b4a69e249c1d0ab9772763f3c97e69_%2F%3Fs%3Dmain&s=login&user=admin%27+or+%271%27%3D%271+--%2B&password=asd↗
- →Monitor POST requests to the login endpoint path containing the distinctive hash-like directory segment '/_45b4a69e249c1d0ab9772763f3c97e69_/' with the parameter 's=login'. ↗
- →Detect SQL injection payloads in the 'user' POST parameter, specifically patterns such as URL-encoded single quotes and OR-based tautologies (e.g., admin' or '1'='1 --+). ↗
- →The vulnerable parameter is 'user' submitted in a login action POST body; inspect for SQL metacharacters (%27, %3D, --%2B) in this field. ↗
- ·The login endpoint path ('/_45b4a69e249c1d0ab9772763f3c97e69_/') appears to be a fixed, application-specific path for SOL.Connect ISET-mpp meter and can be used as a reliable fingerprint for this product in network detection rules. ↗
- ·Affected versions are 1.2.4.2 and earlier; detections should target this product version range specifically. ↗
CVSS provenance
nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2017-08-02
Published