Description
Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent.
Published: 2026-03-19
Score: 8.8 High
EPSS: < 1% Very Low
KEV: No
Impact: SQL injection via authenticated headers
Action: Immediate patch
AI Analysis

Impact

The vulnerability resides in the include/session.inc.php file of Devome GRR v4.5.0 and allows an authenticated user to inject arbitrary SQL statements through forged Referer and User-Agent headers. The flaw can lead to unauthorized data exposure or modification, compromising the confidentiality and integrity of the audit database.

Affected Systems

Devome GRR version 4.5.0 is affected. No additional vendors or product versions are specified.

Risk and Exploitability

The CVSS score of 8.8 indicates high severity, while the EPSS score under 1% suggests a low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog. Attackers would need valid credentials to submit malicious headers, implying the threat is primarily internal or from compromised accounts. Successful exploitation could allow an attacker to query, tamper with, or delete audit records.

Generated by OpenCVE AI on March 24, 2026 at 03:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Devome GRR patch that rectifies the unsanitized header usage
  • If a patch is unavailable, configure the web server or reverse proxy to strip or sanitize Referer and User-Agent headers before they reach the application
  • Implement strict input validation for all header values processed by the application
  • Limit the database user’s privileges to only the operations required by the application
  • Regularly audit logs for suspicious SQL activity and perform periodic code reviews and penetration tests targeting header handling



Advisories

No advisories yet.

History

Wed, 25 Mar 2026 12:00:00 +0000

Type: Title
Values added: Authenticated SQL Injection in Devome GRR Session Handling

Tue, 24 Mar 2026 02:30:00 +0000

Type: Weaknesses
Values added: CWE-89

Type: Metrics
Values added:
cvssV3_1: {'score': 8.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 09:00:00 +0000

Type: First Time appeared
Values added: Devome; Devome grr

Type: Vendors & Products
Values added: Devome; Devome grr

Thu, 19 Mar 2026 14:45:00 +0000

Type: Description
Values added: Devome GRR v4.5.0 was discovered to contain multiple authenticated SQL injection vulnerabilities in the include/session.inc.php file via the referer and user-agent.
References

MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-03-24T01:03:44.187Z

Reserved: 2026-03-04T00:00:00.000Z

Link: CVE-2026-30711

Vulnrichment

Updated: 2026-03-24T01:03:22.639Z

NVD

Status: Awaiting Analysis

Published: 2026-03-19T15:16:26.813

Modified: 2026-03-24T02:16:05.100

Link: CVE-2026-30711

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-25T11:51:48Z

Weaknesses