CVE-2021-42258
Severity: CRITICAL | CISA KEV | CVSS 9.8
Description
BQE BillQuick Web Suite 2018 through 2021 before 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. SQL injection can, for example, use the txtID (aka username) parameter. Successful exploitation can include the ability to execute arbitrary code as MSSQLSERVER$ via xp_cmdshell.
CVE Details
CVSS v3.1 Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Published: 10/22/2021
Last Modified: 11/10/2025
Source: kev
Honeypot Sightings: 0
CISA KEV
Vendor: BQE
Product: BillQuick Web Suite
Vulnerability Name: BQE BillQuick Web Suite SQL Injection Vulnerability
KEV Date Added: 2021-11-03
Due Date: 2021-11-17
Ransomware Use: Known
Affected Products
bqe:billquick_web_suite
Weaknesses (CWE)
CWE-89 (SQL Injection)
References
https://www.huntress.com/blog/threat-advisory-hackers-are-exploiting-a-vulnerability-in-popular-billing-software-to-deploy-ransomware (source: cve@mitre.org; af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-42258 (source: 134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.