CVE-2019-19245
published 2019-12-02

Priority: P2 · 66 · critical · 9.8 · CVSS 3.1
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: EXPLOIT
EPSS: 7.94% (94.0th percentile)
NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication SQL Injection via the /elegant6/login LoginForm[username] field when double quotes are used.

Affected

1 range

Vendor   Product                          Version range   Fixed in
napc     xinet_elegant_6_asset_library    (none listed)   (none listed)

Detection & IOCs (extracted from sources)

url: http://<IP>:<PORT>/elegant6/login
path: /elegant6/login
other: LoginForm[username]
version: Elegant 6 Asset Library 6.1.655
other: CDbCommand
  • Detect unauthenticated POST requests to /elegant6/login containing double-quote characters in the LoginForm[username] parameter, which is the vulnerable injection point.
  • Monitor POST bodies to /elegant6/login for the payload structure: LoginForm[password]=&LoginForm[rememberMe]=0&LoginForm[username]=<SQL>&yt0, which is the required parameter set for exploitation.
  • Alert on HTTP responses from /elegant6/login containing the string 'CDbCommand', which indicates a SQL injection error is being leaked in the response body and confirms successful injection triggering.
  • Flag GET requests to /elegant6/login where the response body contains the fingerprint string 'Elegant",appVersion:"6.1.655' as this is used by the exploit to confirm a vulnerable target before launching the injection.
  • Detect rapid sequential POST requests to /elegant6/login (default 20 iterations with 0.3s sleep) from a single source IP, indicative of automated SQL LIMIT-clause enumeration used by the exploit.
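As an added example (not code from the page, the vendor or the exploit), the five detection points above turned into a small Python checker that runs over constructed request/response records; the record layout, field names and sample traffic are assumptions made for the demonstration.

```python
from collections import defaultdict, deque
from urllib.parse import parse_qs

LOGIN_PATH = "/elegant6/login"
FINGERPRINT = 'Elegant",appVersion:"6.1.655'

def classify(rec):
    """Return detection labels for one request/response record (assumed dict layout)."""
    hits = []
    if rec["path"] != LOGIN_PATH:
        return hits
    if rec["method"] == "POST":
        # parse_qs percent-decodes, so an encoded %22 is caught as well as a raw quote
        form = parse_qs(rec.get("body", ""), keep_blank_values=True)
        if any('"' in v for v in form.get("LoginForm[username]", [])):
            hits.append("quote_in_username")
        if "CDbCommand" in rec.get("response", ""):
            hits.append("cdbcommand_error_leak")
    elif rec["method"] == "GET" and FINGERPRINT in rec.get("response", ""):
        hits.append("version_fingerprint_exposed")
    return hits

def burst_sources(records, min_posts=20, window_s=10.0):
    """Source IPs sending at least min_posts POSTs to the login path within window_s seconds."""
    per_src, flagged = defaultdict(deque), set()
    for rec in sorted(records, key=lambda r: r["ts"]):
        if rec["method"] != "POST" or rec["path"] != LOGIN_PATH:
            continue
        q = per_src[rec["src_ip"]]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > window_s:  # sliding window: drop timestamps that aged out
            q.popleft()
        if len(q) >= min_posts:
            flagged.add(rec["src_ip"])
    return flagged

def _post(ip, ts, username, response="ok"):
    """Build a constructed POST record using the parameter set named in the IOCs."""
    body = f"LoginForm[password]=&LoginForm[rememberMe]=0&LoginForm[username]={username}&yt0"
    return {"src_ip": ip, "ts": ts, "method": "POST", "path": LOGIN_PATH, "body": body, "response": response}

# Constructed sample traffic (not captured from any real system): one benign login,
# one quoted username with a leaked CDbCommand error, one fingerprint GET, one 20-request burst.
SAMPLE = [
    _post("10.0.0.7", 0.0, "alice"),
    _post("10.0.0.8", 1.0, "bob%22", response="CDbCommand failed to execute"),
    {"src_ip": "10.0.0.9", "ts": 2.0, "method": "GET", "path": LOGIN_PATH,
     "response": 'var app={name:"Elegant",appVersion:"6.1.655"}'},
] + [_post("10.0.0.5", 5.0 + 0.3 * i, f"user{i}") for i in range(20)]
```

Running `classify` over each record and `burst_sources` over the whole list reproduces the quote, error-leak, fingerprint and burst detections from the list above on the constructed traffic.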

CVSS provenance

nvd   v3.1   9.8   CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd   v2.0   7.5   HIGH       AV:N/AC:L/Au:N/C:P/I:P/A:P