cbcvebase.
CVE-2021-27828
published 2021-06-01


Priority: P2 (67) · Severity: critical · CVSS 3.1 score: 9.1
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Exploit: public exploit known
EPSS: 20.28% (97.1th percentile)
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.

Affected

1 range

Vendor        Product        Version range   Fixed in
in4velocity   in4suite_erp   (none given)    (none given)

Detection & IOCs (extracted from sources)

url: /CheckLogin.asp
command: txtLoginId=admin OR '1=1&txtpassword=test&cmbLogin=Login&hdnPwdEncrypt="
  • Monitor HTTP POST requests to /CheckLogin.asp containing SQL injection patterns in the 'txtLoginId' parameter, particularly payloads with OR conditions (e.g., OR '1=1) or anomalous quote characters in 'hdnPwdEncrypt'.
  • Flag POST requests to /CheckLogin.asp where the 'hdnPwdEncrypt' field contains only a double-quote or whitespace-padded quote, which is indicative of the error-triggering probe for this vulnerability.
  • The vulnerable parameter is 'txtLoginId' in the login form of In4Suite ERP 3.2.74.1370; alert on any non-alphanumeric SQL metacharacters (quotes, OR, comment sequences) submitted in this field via POST to /CheckLogin.asp.
  • The exploit was tested on Windows only; detection rules targeting this endpoint should account for the Windows-hosted ASP environment.
  • The exploit targets a specific version (3.2.74.1370); detections should be scoped to environments running this exact version of In4Suite ERP.
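The detection notes above can be turned into a concrete rule. The following Python is an added example (not code from the database entry or its sources): it inspects HTTP requests, scopes to POST /CheckLogin.asp, flags SQL metacharacters or keywords in txtLoginId, and flags a quote-only hdnPwdEncrypt value as the error-triggering probe. The request records, the helper names (inspect_request, scan) and the keyword list beyond OR are this example's own assumptions; the sample requests are constructed and only the first mirrors the command string recorded on this page.

```python
"""Detection rule for the CVE-2021-27828 login-form probe (added example, not from the page)."""
import re
from urllib.parse import parse_qs

TARGET_PATH = "/CheckLogin.asp"   # endpoint named in the page's detection notes
VULN_PARAM = "txtLoginId"         # vulnerable parameter named on the page
PROBE_PARAM = "hdnPwdEncrypt"     # field carrying the quote-only probe

# Metacharacters and keywords to alert on: quotes, comment sequences, statement
# separators and boolean operators. OR comes from the page; AND/UNION are an
# assumption added here to widen the rule.
SQL_META = re.compile(r"""['"]|--|/\*|\*/|;|\bOR\b|\bAND\b|\bUNION\b""", re.IGNORECASE)

# Constructed sample requests (method, path, url-encoded body). Only the first
# reproduces the command string recorded on this page; the rest are made up.
SAMPLE_REQUESTS = [
    ("POST", "/CheckLogin.asp",
     "txtLoginId=admin OR '1=1&txtpassword=test&cmbLogin=Login&hdnPwdEncrypt=\""),
    ("POST", "/CheckLogin.asp",
     "txtLoginId=jdoe&txtpassword=Winter2021&cmbLogin=Login&hdnPwdEncrypt=abc123"),
    ("POST", "/CheckLogin.asp",
     "txtLoginId=jdoe'--&txtpassword=x&cmbLogin=Login&hdnPwdEncrypt=abc"),
    ("GET", "/CheckLogin.asp", "txtLoginId=admin OR '1=1"),      # wrong method
    ("POST", "/Other.asp", "txtLoginId=admin OR '1=1"),          # wrong endpoint
]


def inspect_request(method, path, body):
    """Return a list of findings for one request; an empty list means it looks clean."""
    findings = []
    # Both rules are scoped to POST /CheckLogin.asp; everything else is ignored.
    if method.upper() != "POST" or path.split("?", 1)[0] != TARGET_PATH:
        return findings
    # parse_qs percent-decodes values, so %27 is examined as a literal quote.
    params = parse_qs(body, keep_blank_values=True)
    for value in params.get(VULN_PARAM, []):
        match = SQL_META.search(value)
        if match:
            findings.append(
                f"{VULN_PARAM}: SQL metacharacter/keyword {match.group(0)!r} in {value!r}")
    for value in params.get(PROBE_PARAM, []):
        if value.strip() in ('"', "'"):
            findings.append(
                f"{PROBE_PARAM}: quote-only value {value!r} (error-triggering probe)")
    return findings


def scan(requests):
    """Run inspect_request over a batch and return (index, findings) for flagged entries."""
    flagged = []
    for idx, (method, path, body) in enumerate(requests):
        findings = inspect_request(method, path, body)
        if findings:
            flagged.append((idx, findings))
    return flagged


if __name__ == "__main__":
    for idx, findings in scan(SAMPLE_REQUESTS):
        print(f"request {idx}:")
        for line in findings:
            print("   ", line)
```

Because parse_qs percent-decodes the body before the regex runs, a percent-encoded quote is caught the same way as a literal one; a rule matching on the raw body text would miss that variant. In production, the version scoping from the last note above belongs in the asset inventory rather than in the request filter.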

CVSS provenance

nvd · v3.1 · 9.1 · CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
nvd · v2.0 · 6.4 · MEDIUM · AV:N/AC:L/Au:N/C:N/I:P/A:P