CVE-2021-30117

Name of the Vulnerable Software and Affected Versions Kaseya VSA versions prior to 9.5.6

Description The issue is related to a semi-authenticated boolean-based blind SQL injection in the fldrId parameter of the /InstallTab/exportFldr.asp API endpoint. This allows a remote attacker to execute arbitrary SQL code. The vulnerability can be exploited by manipulating the fldrId parameter, as demonstrated by setting it to (SELECT (CASE WHEN (1=1) THEN 1 ELSE (SELECT 1 UNION SELECT 2) END)), which results in a successful request.

Recommendations For versions prior to 9.5.6, update to version 9.5.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the /InstallTab/exportFldr.asp API endpoint to minimize the risk of exploitation. Avoid using the fldrId parameter in the affected API endpoint until the issue is resolved.