BillQuick customers blindsided by recently patched web security flaw

Cybercriminals are exploiting a vulnerability in a popular billing software platform to spread ransomware.

A blind SQL injection vulnerability in BillQuick is being abused to distribute malware, security researchers at Huntress warn.

BQE Software’s BillQuick Web Suite versions earlier than 22.0.9.1 allow SQL injection that gives rise to an even more serious remote code execution (RCE) risk.

The vulnerability enables blind SQL injection via the application’s main login form. This opens the door both to stealing data from vulnerable systems without authentication (by dumping SQL database contents) and to planting malicious code, a detailed technical analysis by Huntress outlines.

Active exploitation

BQE boasts a user base of 40,000, mostly small to medium-sized organizations worldwide, and the need for those behind the curve of patching or remediating this actively exploited vulnerability could hardly be more pressing.

Huntress’ Threat Ops team reports that the vulnerability was exploited to gain initial access to the systems of a US engineering company prior to a ransomware attack.

The CVE-2021-42258 vulnerability was patched on October 7 (PDF), but a number of systems nonetheless remain vulnerable.
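The root cause described above, a login form whose input reaches the SQL text unescaped, is illustrated below with an added example that is not BillQuick's code and not from the Huntress analysis. The table, the `login_vulnerable` and `login_safe` functions and the sample user are all constructed here; the point is the behavioural difference a defender should look for. In the concatenating version an ordinary name containing an apostrophe changes the structure of the query and produces a database error, which is exactly the kind of observable side effect that makes a login form usable as a blind injection channel. The parameterized version treats the same input as data and simply rejects the login.

```python
import sqlite3


def make_db():
    # Constructed in-memory stand-in for an application's user table.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password_hash TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'hash-of-alice-pw')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password_hash):
    # Hypothetical vulnerable pattern: form fields are spliced into the SQL
    # string, so any input that contains SQL syntax alters the query itself.
    query = (
        "SELECT COUNT(*) FROM users WHERE username = '%s' "
        "AND password_hash = '%s'" % (username, password_hash)
    )
    return conn.execute(query).fetchone()[0] == 1


def login_safe(conn, username, password_hash):
    # Hardened form: placeholders keep the query structure fixed; the driver
    # passes the values separately, so they can never become SQL syntax.
    query = (
        "SELECT COUNT(*) FROM users WHERE username = ? AND password_hash = ?"
    )
    return conn.execute(query, (username, password_hash)).fetchone()[0] == 1


def probe(login_fn, username, password_hash):
    # Run one login attempt against a fresh database and classify the outcome.
    # A "sql error" result from user-controlled input is the signal that the
    # input reached the query as code rather than as data.
    conn = make_db()
    try:
        return "accepted" if login_fn(conn, username, password_hash) else "rejected"
    except sqlite3.Error as exc:
        return "sql error: %s" % exc
    finally:
        conn.close()


if __name__ == "__main__":
    for name, fn in (("vulnerable", login_vulnerable), ("safe", login_safe)):
        print(name, "valid user:   ", probe(fn, "alice", "hash-of-alice-pw"))
        print(name, "apostrophe:   ", probe(fn, "O'Brien", "hash-of-nothing"))
```

Running the block shows the safe function returning "rejected" for the apostrophe input where the vulnerable one raises a SQL error. In a review or code audit, any login handler that builds its query with string formatting is the pattern to replace with placeholders; from the operations side, database syntax errors logged from the authentication endpoint are worth alerting on, since a correctly parameterized form should never produce them.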