This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis โ
Q1What is this vulnerability? (Essence + Consequences)
๐จ **Essence**: CVE-2021-47748 is a critical **OS Command Injection** flaw in Hasura GraphQL Engine. ๐ **Consequences**: Attackers can execute **arbitrary shell commands** via SQL queries.โฆ
๐ก๏ธ **Root Cause**: **CWE-78** (OS Command Injection). The flaw stems from improper handling of **SQL query operations**. Malicious input in SQL queries is interpreted as executable system commands by the backend.
Q3Who is affected? (Versions/Components)
๐ฆ **Affected**: **Hasura GraphQL Engine**. Specifically, **Version 1.3.3** is vulnerable. ๐ข **Vendor**: Hasura. ๐ **Product**: GraphQL Server. Check your deployment version immediately!
Q4What can hackers do? (Privileges/Data)
๐ **Attacker Power**: Full **Remote Code Execution**. ๐ **Data Access**: Can read/write any file on the server. ๐ **Privileges**: Execute commands with the **same privileges** as the Hasura process.โฆ
โ ๏ธ **Threshold**: **LOW**. CVSS Vector: `AV:N/AC:L/PR:N/UI:N`. ๐ซ **No Auth Required**: Publicly exploitable without authentication. ๐ **Network Accessible**: Exploitable over the network. High severity (CVSS 3.1).
Q6Is there a public Exp? (PoC/Wild Exploitation)
๐ฅ **Public Exploit**: **YES**. ExploitDB ID **49802** is available. ๐ข **Advisory**: VulnCheck has published a detailed advisory. โ ๏ธ **Risk**: Wild exploitation is likely since PoC code is public.
Q7How to self-check? (Features/Scanning)
๐ **Self-Check**: 1. Identify if you run **Hasura GraphQL Engine**. 2. Verify version is **1.3.3**. 3. Scan for exposed GraphQL endpoints. 4. Check logs for unusual SQL injection patterns targeting command execution.
Q8Is it fixed officially? (Patch/Mitigation)
๐ง **Official Fix**: **YES**. Hasura has released patches. ๐ฅ **Action**: Upgrade to a **fixed version** immediately. Visit the [GitHub Repository](https://github.com/hasura/graphql-engine) for the latest secure release.โฆ
๐ง **No Patch?**: 1. **Isolate** the server from the internet. 2. **Restrict** network access to trusted IPs only. 3. **Monitor** logs for command injection attempts. 4.โฆ
๐ฅ **Urgency**: **CRITICAL / IMMEDIATE**. ๐จ **Priority**: P0. With **No Auth** and **Public Exploits**, this is an active threat. ๐ **Action**: Patch or isolate **TODAY**. Do not wait for scheduled maintenance.