CVE-2024-28145 is an SQL injection vulnerability identified in the Scan2Net product by Image Access GmbH. The flaw resides in the /class/dbconnect.php file, where several HTTP GET parameters—specifically search, table, field, and value—are improperly sanitized, allowing an attacker to inject malicious SQL commands. The vulnerability is categorized under CWE-89, indicating improper neutralization of special elements in SQL commands. An attacker can exploit this vulnerability without authentication or user interaction, but local network access is required (AV:L). The injection can be performed using the UNION keyword, enabling attackers to extract or manipulate database records. The CVSS 3.1 base score is 5.9 (medium severity), reflecting limited impact on confidentiality, integrity, and availability, but with low attack complexity and no privileges required. No patches or known exploits are currently available, increasing the urgency for organizations to apply mitigations proactively. The vulnerability affects all versions indicated as '0' in the data, suggesting possibly all current versions or an unspecified range. The flaw could be leveraged to access sensitive information, modify data, or disrupt service operations, especially in environments where Scan2Net devices are integrated into critical workflows.

For European organizations, this vulnerability poses a moderate risk primarily to those using Scan2Net devices in networked environments. Exploitation could lead to unauthorized data disclosure, data tampering, or denial of service, impacting operational continuity and data confidentiality. Sectors such as government, manufacturing, and engineering firms that rely on Scan2Net for document scanning and processing could face disruptions or data breaches. The unauthenticated nature of the attack increases risk, especially in environments with insufficient network segmentation or weak perimeter defenses. Although the attack requires local network access, insider threats or compromised internal hosts could exploit this vulnerability. The lack of known exploits reduces immediate risk but also means organizations should act before attackers develop weaponized code. Data privacy regulations like GDPR heighten the consequences of data breaches resulting from this vulnerability, potentially leading to regulatory penalties and reputational damage.

1. Restrict network access to Scan2Net devices, especially the /class/dbconnect.php endpoint, using network segmentation and firewall rules to limit exposure to trusted hosts only. 2. Deploy Web Application Firewalls (WAFs) with SQL injection detection and prevention capabilities to monitor and block malicious SQL payloads targeting the vulnerable parameters. 3. Conduct thorough input validation and sanitization on all user-supplied parameters at the application level, if possible, by applying parameterized queries or prepared statements. 4. Monitor logs for unusual or suspicious queries involving the affected parameters (search, table, field, value) to detect potential exploitation attempts. 5. Engage with Image Access GmbH for official patches or updates and apply them promptly once available. 6. Educate internal teams about the risks of local network exposure and enforce strict access controls to reduce insider threat vectors. 7. Consider deploying intrusion detection systems (IDS) tuned to detect SQL injection patterns on internal networks where Scan2Net devices operate.