SolarWinds Storage Resource Monitor Profiler < 6.2.3 Hotfix 1 RulesMetaData SQLi RCE
Critical Nessus Plugin ID 91917
SynopsisA web application running on the remote host is affected by a remote code execution vulnerability.
DescriptionThe version of SolarWinds Storage Resource Monitor (SRM) Profiler (formerly SolarWinds Storage Manager) running on the remote host is prior to 6.2.3 Hotfix 1. It is, therefore, affected by a remote code execution vulnerability in ScriptServlet due to a failure to sanitize user-supplied input to the addNewRule() method of RulesMetaData. An unauthenticated, remote attacker can exploit this, via SQL injection, to disclose or manipulate arbitrary data in the back-end database or to execute arbitrary code with SYSTEM privileges.
SolutionUpgrade to SolarWinds SRM Profiler version 6.2.3 Hotfix 1 or later.