CVE-2022-26585 Scanner - SQL Injection (SQLi) vulnerability in Mingsoft MCMS

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 8 days 19 hours
Scan only one: Domain, Subdomain, IPv4
Toolbox: -

Mingsoft MCMS is a content management system (CMS) designed to allow users to easily manage and publish content on their websites. It is commonly used by small to medium-sized businesses for creating dynamic and interactive websites. The system is open-source and offers flexibility in terms of customization, allowing users to adapt the platform to suit their specific needs. With its intuitive interface, Mingsoft MCMS supports features such as article management, website design, and e-commerce integration. It is known for its ease of use and wide range of plugins, which can extend the system’s capabilities. The CMS is used in various sectors including education, corporate websites, and e-commerce sites.

The vulnerability in Mingsoft MCMS, identified as SQL Injection (SQLi), occurs in version 5.2.7, specifically in the /cms/content/list endpoint. This vulnerability arises from improper validation and sanitization of user input in the 'categoryId' parameter. Attackers can exploit this flaw to inject arbitrary SQL commands into the database query, allowing them to access, modify, or delete data. SQL injection vulnerabilities can have severe consequences, including data breaches, unauthorized data manipulation, and complete system compromise. Since the attack can be executed without authentication, this vulnerability is critical and can be exploited remotely by any unauthenticated attacker.

The issue occurs when the 'categoryId' parameter in the /cms/content/list endpoint is not properly sanitized. By providing specially crafted input, such as 'categoryId=2' AND GTID_SUBSET(CONCAT(0x716a717871,md5({{num}}),0x716a627a71),3762) AND 'EIVI'='EIVI', an attacker can execute arbitrary SQL commands on the server’s database. This allows the attacker to retrieve sensitive data, modify records, or cause further damage to the system. The vulnerability affects all installations of Mingsoft MCMS version 5.2.7 and earlier, making it highly critical for users who have not updated their systems.

If exploited, this vulnerability can have devastating consequences, including unauthorized access to sensitive data stored in the affected database. Attackers may steal personal information, financial records, or even manipulate the contents of the website. Furthermore, an attacker can potentially delete data or corrupt the database, rendering the system unusable. In some cases, successful exploitation of this vulnerability can allow attackers to take full control of the server, leading to further attacks. The critical nature of this vulnerability emphasizes the importance of applying patches and updates as soon as they are available.
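An added example, not part of the original page or of the MCMS code base: a request filter that could sit in a reverse proxy or a log pipeline and grade every 'categoryId' value sent to /cms/content/list. It assumes a legitimate 'categoryId' is a plain numeric identifier and that the application may be deployed under a context-path prefix; the function names and the sample requests are constructed for illustration.

```python
"""Grade categoryId values sent to /cms/content/list (added example)."""
import re
from urllib.parse import urlsplit, parse_qsl

ENDPOINT = "/cms/content/list"   # endpoint named on the page
PARAM = "categoryId"             # parameter named on the page
# Assumption: a legitimate categoryId is a plain numeric identifier.
VALID_ID = re.compile(r"[0-9]{1,20}")
# Characters and keywords that have no place in a numeric id; used only to
# grade a value that has already failed the allow-list check above.
SQL_HINTS = re.compile(
    r"['\"();]|--|/\*|\b(and|or|union|select|concat|sleep|gtid_subset)\b", re.I)


def category_ids(target, body=""):
    """Collect every categoryId from the query string and a form-encoded body.

    parse_qsl percent-decodes values, so encoded quotes are seen as quotes,
    and repeated parameters are all returned (no first-or-last guessing).
    """
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    pairs += parse_qsl(body, keep_blank_values=True)
    return [value for key, value in pairs if key == PARAM]


def classify(target, body=""):
    """Return 'ignore', 'ok', 'invalid' or 'sqli-suspect' for one request."""
    if not urlsplit(target).path.rstrip("/").endswith(ENDPOINT):
        return "ignore"
    verdict = "ok"
    for value in category_ids(target, body):
        if VALID_ID.fullmatch(value):
            continue
        if SQL_HINTS.search(value):
            return "sqli-suspect"      # reject and alert
        verdict = "invalid"            # reject; malformed but not SQL-shaped
    return verdict


# Constructed sample requests: (request target, form body).
SAMPLES = [
    ("/cms/content/list", "categoryId=2"),
    ("/cms/content/list", "categoryId=2%27+AND+%27EIVI%27%3D%27EIVI"),
    ("/cms/content/list?categoryId=abc", ""),
    ("/cms/content/list?categoryId=1", "categoryId=1)--"),
]

if __name__ == "__main__":
    for target, body in SAMPLES:
        print(f"{classify(target, body):13} {target} {body}")
```

The allow-list decides whether a request is rejected; the keyword pattern only sets alert priority, so a value that avoids those keywords is still refused. A filter like this is a stopgap in front of an unpatched instance, not a replacement for the update.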
