CVE-2022-47105 in Jeecg-boot
Summary
by MITRE • 01/19/2023
Jeecg-boot v3.4.4 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Analysis
by VulDB Data Team • 07/03/2025
The vulnerability identified as CVE-2022-47105 affects Jeecg-boot version 3.4.4 and represents a critical SQL injection flaw within the system's dictionary query functionality. This vulnerability resides in the component path /sys/dict/queryTableData which handles data retrieval operations for system dictionaries. The flaw allows malicious actors to inject arbitrary SQL commands through improperly sanitized input parameters, potentially compromising the entire database infrastructure. This type of vulnerability falls under CWE-89 which specifically addresses SQL injection vulnerabilities where untrusted data is incorporated into SQL queries without proper sanitization or parameterization.
The technical exploitation of this vulnerability occurs when an attacker submits crafted input to the queryTableData endpoint, bypassing normal input validation mechanisms. The system fails to properly escape or parameterize user-supplied data before incorporating it into database queries, creating an attack surface where malicious SQL code can be executed with the privileges of the database user. This vulnerability is particularly dangerous as it likely operates at the application level within the Jeecg-boot framework, potentially allowing attackers to extract sensitive information, modify database records, or even execute administrative commands on the underlying database system.
The operational impact of this vulnerability extends beyond simple data theft, as it can enable attackers to escalate privileges and gain unauthorized access to the entire database infrastructure. Given that Jeecg-boot is a popular enterprise-level framework for rapid application development, the exploitation of this vulnerability could compromise multiple applications built on this platform. The attack surface is significant as dictionary data often contains sensitive configuration information, user roles, and system metadata that could be leveraged for further attacks. This vulnerability aligns with ATT&CK technique T1071.004 which covers application layer protocol manipulation, and T1190 which addresses exploitation of remote services through SQL injection attacks.
Organizations utilizing Jeecg-boot version 3.4.4 should immediately implement mitigations including input validation, parameterized queries, and proper sanitization of all user inputs. The recommended approach involves upgrading to a patched version of Jeecg-boot that addresses this specific vulnerability, implementing web application firewalls to detect and block malicious SQL injection attempts, and conducting comprehensive security assessments of all dictionary-related components. Additionally, database access controls should be reviewed to ensure that applications use least-privilege principles, limiting the potential damage from successful exploitation. Security teams should also implement monitoring and logging mechanisms specifically designed to detect SQL injection attempts targeting the affected endpoint, as this vulnerability could be exploited by automated scanning tools that target known vulnerable components within enterprise frameworks.