CVE-2022-21210
Published: 2022-04-14
- Priority: P268
- Severity: high (CVSS 3.1 base score 8.8)
- CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- EPSS: 69.83% (99.3th percentile)
An SQL injection vulnerability exists in the AssetActions.aspx functionality of Lansweeper lansweeper 9.1.20.2. A specially-crafted HTTP request can cause SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| lansweeper | lansweeper | — | — |
Detection & IOCs (extracted from sources)
Snort
SID 58884 - 58894
- Exploitation requires an authenticated HTTP request targeting AssetActions.aspx; monitor for authenticated requests to this endpoint containing SQL metacharacters or injection payloads.
- Apply Snort SIDs 58884–58894 on network sensors to detect active exploitation attempts against this vulnerability.
- Exploitation requires the attacker to be authenticated and have proper permissions; unauthenticated access alone is insufficient to trigger the vulnerability.
- Only Lansweeper version 9.1.20.2 is confirmed vulnerable; version 9.2.0 contains the fix.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 6.6 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L |
| nvd | v2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
No detection rules found.
No public exploits indexed.
## Vulnerability Spotlight: Vulnerabilities in Lansweeper could lead to JavaScript, SQL injections
Source: Talos (blogs_talos), 2022-02-24, CVSS 4.8 [MEDIUM]
Marcin “Icewall” Noga of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered multiple vulnerabilities in the Lansweeper IT asset management solution that could allow an attacker to inject JavaScript or SQL code on the targeted device.
Lansweeper gathers the hardware and software information of computers and other devices on a computer network for management, compliance and audit purposes. There are vulnerabilities in multiple .aspx files contained in Lansweeper that, if targeted correctly, could allow an adversary to inject malicious code.
TALOS-2022-1441 (CVE-2022-22149), TALOS-2022-1443 (CVE-2022-21234) and TALOS-2022-1444 (CVE-2022-21210) can all be triggered if the attacker sends the targeted device a specially crafted HTTP request. The HTTP request can tri