| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| github.com/lf-edge/ekuiper/v2 | go | < 2.2.1 | 2.2.1 |
The vulnerability is a classic SQL injection found in the eKuiper project. The root cause is the direct use of user-supplied input to construct SQL queries using fmt.Sprintf, without proper sanitization or validation. The primary vulnerable function identified is getLast in internal/pkg/store/sql/sqlTs.go, which is responsible for fetching the last record from a given table. An attacker could manipulate the table parameter in an API request to inject malicious SQL code, leading to potential data exfiltration, modification, or deletion.
The analysis of the provided patch 72c4918744934deebf04e324ae66933ec089ebd3 confirms this. The patch introduces a validation function, isValidTableName, to check the table name before it's used in the getLast function. Additionally, the patch corrects the usage of prepared statements, which is a standard defense against SQL injection.
A similar vulnerability was also identified and fixed in the createSqlTs function within the same file. This function also used fmt.Sprintf to construct a CREATE TABLE query, which is another entry point for injection. The fix applied was similar, ensuring that user input is not directly concatenated into the SQL query string.
Any runtime profile taken while this vulnerability is being exploited would therefore show calls to getLast, and potentially to createSqlTs, since those are the locations where the unsanitized input is processed and the resulting SQL query is executed.
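As an added illustration (this is not eKuiper's code, and the validator below is a hypothetical stand-in for the project's own isValidTableName), the vulnerable fmt.Sprintf pattern is shown in Go beside a hardened form that allowlists the identifier before it reaches the query text. It assumes a constructed key/value schema; a table name cannot be bound as a prepared-statement parameter, so validation is the control for that position, while row values should still go through placeholders.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
)

// Hypothetical allowlist for SQL identifiers: letters, digits and underscore,
// starting with a letter or underscore, at most 64 characters.
var tableNameRe = regexp.MustCompile(`^[A-Za-z_][A-Za-z0-9_]{0,63}$`)

func isValidTableName(name string) bool {
	return tableNameRe.MatchString(name)
}

// Vulnerable pattern: caller-controlled table name pasted straight into the query.
func lastRecordQueryUnsafe(table string) string {
	return fmt.Sprintf("SELECT key, val FROM %s ORDER BY key DESC LIMIT 1", table)
}

// Hardened pattern: reject anything that is not a plain identifier first.
func lastRecordQuery(table string) (string, error) {
	if !isValidTableName(table) {
		return "", errors.New("invalid table name: " + table)
	}
	return fmt.Sprintf("SELECT key, val FROM %s ORDER BY key DESC LIMIT 1", table), nil
}

// Same control applied to the CREATE TABLE path (constructed schema, not eKuiper's).
func createTableQuery(table string) (string, error) {
	if !isValidTableName(table) {
		return "", errors.New("invalid table name: " + table)
	}
	return fmt.Sprintf("CREATE TABLE IF NOT EXISTS %s (key INTEGER PRIMARY KEY, val BLOB)", table), nil
}

func main() {
	// Constructed sample input: a benign name and one carrying injected SQL syntax.
	for _, t := range []string{"sensor_ts", "sensor_ts' OR '1'='1"} {
		fmt.Println("unsafe:", lastRecordQueryUnsafe(t))
		q, err := lastRecordQuery(t)
		fmt.Println("safe:  ", q, err)
	}
}
```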