N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-ccj3-5p93-8p42

EPSS Score

CWE

CWE-77

Published

4/11/2025

Updated

4/11/2025

KEV Status

Technology

Rust

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-ccj3-5p93-8p42

GHSA-ccj3-5p93-8p42:
SurrealDB server-takeover via SurrealQL injection on backup import

The SurrealDB command-line tool allows exporting databases through the export command. It was discovered that table or field names are not properly sanitized in exports, leading to a SurrealQL injection when the backup is reimported.

For the injection to occur, an authenticated System User with OWNER or EDITOR roles needs to create tables or fields with malicious names containing SurrealQL, subsequently exported using the export operation

The attacker could achieve a privilege escalation and root level access to the SurrealDB instance if a higher privileged user subsequently performs the import operation.

Furthermore, applications using SurrealDB that allow its users to define custom fields or tables are at risk of a universal second order SurrealQL injection, even if query parameters are properly sanitized.

This issue was discovered and patched during an code audit and penetration test of SurrealDB by cure53, the severity defined within cure53's preliminary finding is Critical, matched by our CVSS v4 assessment.

Impact

This attack can be used to perform privilege escalation and complete takeover (root access) of the SurrealDB instance, as well as being able to perform SurrealQL injection attacks against co-tenanted applications where SurrealDB is used as a shared backend for multiple applications.

Patches

A patch has been created that addresses the issue by fixing the bugs in the exporter which failed to escape some characters properly.

Versions 2.0.5, 2.1.5, 2.2.2 and later are not affected by this issue.

Workarounds

For SurrealDB users that are unable to upgrade, users that are looking to perform import operations must manually inspect the exported data for injected statements, prior to importing.

References

SurrealDB Documentation - Export SurrealDB Documentation - Import SurrealDB Documentation - Authentication

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-ccj3-5p93-8p42

EPSS Score

CWE

CWE-77

Published

4/11/2025

Updated

4/11/2025

KEV Status

Technology

Rust

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
surrealdb	rust	>= 2.2.0, < 2.2.2	2.2.2
surrealdb	rust	>= 2.1.0, < 2.1.5	2.1.5
surrealdb	rust	< 2.0.5	2.0.5

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability occurs because table and field names, and potentially other string-like identifiers, were not properly sanitized during the export operation. This allowed SurrealQL to be injected into the export file, which would then be executed upon import. The analysis of the patch commit b86f6ac5cdb4831c0ee1ed9004293c860c4a7337 reveals two main areas of concern:

The primary Transaction::export function in crates/core/src/kvs/export.rs was modified to specifically handle escaping of names within comments (using InlineCommentDisplay), indicating this was a previous weakness.
Numerous Display::fmt implementations for SQL types (like Ident, Table, Id, Strand, Object keys) in crates/core/src/sql/ were changed to use new, more robust escaping mechanisms (e.g., EscapeIdent, QuoteStr, EscapeKey) instead of older, flawed functions (e.g., escape_ident, quote_str, escape_key). These fmt functions are responsible for converting the raw names/values into their string representations for the export. If these representations were not correctly escaped, they formed the basis of the injection. The identified functions are those that either directly constructed the vulnerable export output or were responsible for the faulty string serialization of elements used in that output.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** Surr**l** *omm*n*-lin* tool *llows *xportin* **t***s*s t*rou** t** `*xport` *omm*n*. It w*s *is*ov*r** t**t t**l* or *i*l* n*m*s *r* not prop*rly s*nitiz** in *xports, l***in* to * Surr**lQL inj**tion w**n t** ***kup is r*import**. *or t** inj**

Reasoning

T** vuln*r**ility o**urs ****us* t**l* *n* *i*l* n*m*s, *n* pot*nti*lly ot**r strin*-lik* i**nti*i*rs, w*r* not prop*rly s*nitiz** *urin* t** `*xport` op*r*tion. T*is *llow** Surr**lQL to ** inj**t** into t** *xport *il*, w*i** woul* t**n ** *x**ut**

N/A

Basic Information

Concerned about an active attack path?

GHSA-ccj3-5p93-8p42: SurrealDB server-takeover via SurrealQL injection on backup import

Impact

Patches

Workarounds

References

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

GHSA-ccj3-5p93-8p42:
SurrealDB server-takeover via SurrealQL injection on backup import

Vulnerability Intelligence
Miggo AI