Back to overview

CVE-2024-58352

HIGH Exploitation: PoC
7.5
CVSS 3.1
Description
Landray OA contains an unauthenticated HQL injection vulnerability that allows unauthenticated attackers to query arbitrary Hibernate entity classes by injecting malicious HQL syntax into the uid POST parameter of the wechatLoginHelper.do endpoint. Attackers can exploit the lack of input sanitization in the string-concatenated filter expression passed to the Hibernate findList() call to extract sensitive data such as administrator password hashes and, with sufficient database privileges, perform file-write operations enabling remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2024-03-11 (UTC).

Metadata

CVE ID
CVE-2024-58352
State
PUBLISHED
Assigner
VulnCheck
Reserved
2026-06-08 15:20 UTC
Published
2026-07-02 17:05 UTC
Last updated
2026-07-02 17:49 UTC
Primary CWE
CWE-564
SQL Injection: Hibernate
Vendor / Product
Shenzhen Landray Software Co., Ltd. / Landry Office Automation (OA)
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Exploitation
PoC
Automatable
yes
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
Shenzhen Landray Software Co., Ltd. Landry Office Automation (OA) *
Weakness (CWE)
CWESourceDescription
CWE-564 cna SQL Injection: Hibernate
CVSS scores (2)
ScoreSeverityVersionSourceVector
8.7 HIGH 4.0 cna CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
7.5 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview