Unauthenticated Blind SQL Injection | RSI queue management system - V 3.0 | CVE-2025-26086
RSI Queue v3.0 存在未认证盲注 SQL 注入漏洞(CVE-2025-26086),影响 TaskID 参数。攻击者可通过恶意 SQL 负载触发服务器延迟,推断数据库内容。已修复。 2025-5-17 02:39:12 Author: seclists.org(查看原文) 阅读量:35 收藏
RSI Queue v3.0 存在未认证盲注 SQL 注入漏洞(CVE-2025-26086),影响 TaskID 参数。攻击者可通过恶意 SQL 负载触发服务器延迟,推断数据库内容。已修复。 2025-5-17 02:39:12 Author: seclists.org(查看原文) 阅读量:35 收藏
Full Disclosure mailing list archives
From: Shaikh Shahnawaz <sshahnawaz99910 () gmail com>
Date: Fri, 9 May 2025 16:46:48 +0400
[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC [+] twitter.com/_striv3r_ [Vendor of Product] RSI Queue (https://www.rsiqueue.com/) [Vulnerability Type] Blind SQL Injection [Affected Component] The vulnerable component is the TaskID parameter in the get request. [CVE Reference] CVE-2025-26086 [Security Issue] An unauthenticated blind SQL injection vulnerability exists in RSI Queue Management System v3.0 within the TaskID parameter of the get request handler. Attackers can remotely inject time-delayed SQL payloads to induce server response delays, enabling time-based inference and iterative extraction of sensitive database contents without authentication. [Attack Vectors] An attacker sends malicious SQL payloads in the TaskID parameter to trigger time delays. The server executes these queries, and the response time reveals boolean results, enabling iterative database enumeration. [Network Access] Remote [Severity] Critical [Disclosure Timeline] Vendor Notification: October 16, 2024 Vendor released fixed: May 2, 2025 _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Unauthenticated Blind SQL Injection | RSI queue management system - V 3.0 | CVE-2025-26086 Shaikh Shahnawaz (May 16)
文章来源: https://seclists.org/fulldisclosure/2025/May/21
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh