CVE-2021-3018 Scanner

CVE-2021-3018 Scanner - SQL Injection vulnerability in IPeakCMS

Short Info

Level: Critical
Scan type: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 15 days 23 hours
Scan only one: Domain, Subdomain, IPv4

IPeakCMS is a content management system developed by ipeak Infosystems, widely used for creating and managing digital content for various businesses and organizations. Generally used by web developers and designers, it helps streamline content management with built-in tools and plugins. Businesses often utilize IPeakCMS for setting up and maintaining their online presence through comprehensive website management features. This software supports SEO integration, multimedia management, and user-friendly interface customization, which are crucial for businesses to enhance their digital marketing efforts. Due to these features, it is suitable for small to mid-sized companies and NGOs that need an affordable and efficient CMS solution.

SQL Injection in IPeakCMS allows unauthorized users to inject arbitrary SQL commands through unsanitized parameters. The vulnerability can be exploited by attackers to manipulate the backend database, leading to unauthorized data access or data manipulation. This specific vulnerability is found in the 'id' parameter of the '/cms/print.php' endpoint, where inputs are not properly validated. The exploitation of this vulnerability does not require any authentication, making it critical and accessible to remote attackers. If successfully exploited, the vulnerability could lead to significant data breach incidents or even compromise the entire database system. It is imperative to address this vulnerability with high priority due to its critical exposure level and CVSS score.

The SQL Injection vulnerability exists in IPeakCMS because user input is not sanitized and queries are not parameterized. Specifically, the issue arises in the id parameter handled by /cms/print.php: the value is placed into the SQL statement without validation, so an attacker can craft a malicious query through it. With a request parameter such as 'id=1%20AND%207334=BENCHMARK(8000000,MD5(0x73636a72))', an attacker can use time-based blind SQL Injection to infer sensitive information from the response delay. Because the endpoint performs no input validation, it can be made to execute arbitrary SQL commands, allowing attackers to enumerate database details or potentially corrupt database contents.
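As an added illustration from the defender's side (example code, not S4E's scanner and not IPeakCMS code), the script below shows the two things a practitioner wants after reading the description above: a detection rule that runs over web-server access logs and flags requests to /cms/print.php whose id value is not a plain integer, with a separate label for time-based primitives such as the BENCHMARK() call quoted in the advisory, and the strict check that print.php should have enforced on id before building any SQL. The log lines are constructed samples in combined log format, the client addresses are documentation-range placeholders, and the path and parameter name are taken from the advisory.

```python
import re
from urllib.parse import parse_qs, urlparse

# Constructed sample access-log lines (combined log format); not real traffic.
# The second line carries the id value quoted in the advisory above.
SAMPLE_LOG = """\
203.0.113.10 - - [12/Jan/2021:10:01:02 +0000] "GET /cms/print.php?id=7 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.11 - - [12/Jan/2021:10:01:09 +0000] "GET /cms/print.php?id=1%20AND%207334=BENCHMARK(8000000,MD5(0x73636a72)) HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.13 - - [12/Jan/2021:10:03:40 +0000] "GET /cms/index.php?page=about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.14 - - [12/Jan/2021:10:04:01 +0000] "GET /cms/print.php?id=abc HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
"""

# Minimal combined-log-format parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# Time-based blind SQLi primitives: MySQL BENCHMARK()/SLEEP(), PostgreSQL pg_sleep().
TIME_BASED_RE = re.compile(r'\b(BENCHMARK|SLEEP|PG_SLEEP)\s*\(', re.IGNORECASE)

# Endpoint and parameter named in the advisory.
VULNERABLE_PATH = "/cms/print.php"


def is_valid_id(value: str) -> bool:
    """The check print.php should enforce before the value reaches SQL:
    an unsigned decimal integer and nothing else (assumed hardening, not
    the project's own code)."""
    return re.fullmatch(r"[0-9]+", value) is not None


def classify_id(value: str) -> str:
    """Label a decoded id value: 'ok', 'time_based_sqli' or 'suspicious_id'."""
    if is_valid_id(value):
        return "ok"
    if TIME_BASED_RE.search(value):
        return "time_based_sqli"
    return "suspicious_id"


def scan_log(text: str) -> list:
    """Return one finding per request to /cms/print.php that carries an id."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlparse(m.group("target"))
        if url.path != VULNERABLE_PATH:
            continue
        # parse_qs percent-decodes values, so the signature match sees plain text.
        ids = parse_qs(url.query).get("id")
        if not ids:
            continue
        findings.append({
            "ip": m.group("ip"),
            "ts": m.group("ts"),
            "id": ids[0],
            "verdict": classify_id(ids[0]),
        })
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ip']:15} {f['verdict']:16} id={f['id']!r}")
```

The rule deliberately treats any non-integer id as suspicious rather than matching only known function names: the advisory's root cause is the missing type check, so the same check that would have prevented the bug is also the most robust detection signal, and the time-based label only adds triage priority on top of it.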

Exploitation of this SQL Injection vulnerability in IPeakCMS can have severe consequences, including unauthorized data access, data manipulation, or full database exposure. Attackers can compromise sensitive data such as user credentials and private business records. Loss of control over database actions can lead to operational disruptions through the deletion or modification of essential data. Furthermore, the flaw can serve as a foothold for attackers to escalate privileges or insert malicious scripts into the CMS, further compromising website security. The business risk is considerable: loss of customer trust, compliance violations, and potentially severe financial impacts can be expected.
