CVE-2021-27828
Published 2021-06-01
Priority: P2 (67) · Critical 9.1 (CVSS 3.1)
EXPLOIT
EPSS: 20.28% (97.1th percentile)
SQL injection in In4Suite ERP 3.2.74.1370 allows attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| in4velocity | in4suite_erp | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP POST requests to /CheckLogin.asp containing SQL injection patterns in the 'txtLoginId' parameter, particularly payloads with OR conditions (e.g., OR '1=1) or anomalous quote characters in 'hdnPwdEncrypt'.
- Flag POST requests to /CheckLogin.asp where the 'hdnPwdEncrypt' field contains only a double-quote or a whitespace-padded quote, which is indicative of the error-triggering probe for this vulnerability.
- The vulnerable parameter is 'txtLoginId' in the login form of In4Suite ERP 3.2.74.1370; alert on any non-alphanumeric SQL metacharacters (quotes, OR, comment sequences) submitted in this field via POST to /CheckLogin.asp.
- The exploit was tested on Windows only; detection rules targeting this endpoint should account for the Windows-hosted ASP environment.
- The exploit targets a specific version (3.2.74.1370); detections should be scoped to environments running this exact version of In4Suite ERP.
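A request-level check that implements the detection notes above, added here as an example (it is not from the page's sources or from the vendor). It assumes login requests are available as (method, path, form body) records, for instance from a reverse proxy or WAF log; the sample records are constructed.

```python
"""Flag CVE-2021-27828 probes against In4Suite ERP's /CheckLogin.asp.

Added example. Assumes each request is a (method, path, form-body)
tuple as a proxy or WAF might log it; the records below are constructed.
"""
import re
from urllib.parse import parse_qs

# Metacharacters named in the detection notes: quotes, the OR keyword,
# and SQL comment sequences. Applied to 'txtLoginId' only.
SQL_META = re.compile(r"""['"]|--|/\*|\bor\b""", re.IGNORECASE)


def classify_request(method: str, path: str, body: str) -> list[str]:
    """Return alert reasons for one request; an empty list means benign."""
    reasons: list[str] = []
    if method.upper() != "POST" or path.lower() != "/checklogin.asp":
        return reasons
    # keep_blank_values so an empty or whitespace-only field stays visible
    form = parse_qs(body, keep_blank_values=True)
    login = form.get("txtLoginId", [""])[0]
    pwd = form.get("hdnPwdEncrypt", [""])[0]
    if SQL_META.search(login):
        reasons.append("sql-metacharacters-in-txtLoginId")
    # the error-triggering probe: hdnPwdEncrypt is only a quote, maybe padded
    if re.fullmatch(r"\s*[\"']\s*", pwd):
        reasons.append("quote-only-hdnPwdEncrypt")
    return reasons


def scan_records(records):
    """Run classify_request over records; return (index, reasons) for hits."""
    return [(i, r) for i, (m, p, b) in enumerate(records)
            if (r := classify_request(m, p, b))]


# Constructed sample records, not real traffic.
SAMPLE_RECORDS = [
    ("POST", "/CheckLogin.asp", "txtLoginId=jsmith&hdnPwdEncrypt=ZGVtbw%3D%3D"),
    ("POST", "/CheckLogin.asp", "txtLoginId=admin%27+OR+%271%3D1&hdnPwdEncrypt=x"),
    ("POST", "/CheckLogin.asp", "txtLoginId=jsmith&hdnPwdEncrypt=+%22+"),
    ("GET", "/CheckLogin.asp", "txtLoginId=admin%27"),
    ("POST", "/Other.asp", "txtLoginId=admin%27--"),
]

if __name__ == "__main__":
    for idx, reasons in scan_records(SAMPLE_RECORDS):
        print(f"record {idx}: {', '.join(reasons)}")
```

The `\bor\b` match will also fire on a legitimate login id of exactly "or"; tune the pattern to your tenant's id format before alerting in production.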
CVSS provenance
- NVD v3.1: 9.1 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)
- NVD v2.0: 6.4 MEDIUM (AV:N/AC:L/Au:N/C:N/I:P/A:P)
No detection rules found.
No writeups or analysis indexed.