CVE-2024-30864 identifies a SQL Injection vulnerability in netentsec NS-ASG version 6.3, located in the /admin/config_ISCGroupTimePolicy.php script. This vulnerability arises from improper validation and sanitization of user-supplied input, allowing attackers to inject arbitrary SQL queries. The attack vector is remote and requires no authentication or user interaction, increasing its potential risk. The CVSS v3.1 base score is 6.3, reflecting medium severity with low attack complexity and no privileges required. The vulnerability impacts confidentiality, integrity, and availability to a limited extent, as attackers could extract sensitive data, modify database contents, or disrupt service. Although no exploits are currently known in the wild and no official patches have been released, the presence of this vulnerability in administrative interfaces poses a significant risk. The CWE-89 classification confirms it as a classic SQL Injection flaw, a common and well-understood attack vector. Organizations using netentsec NS-ASG 6.3 should assess exposure, implement compensating controls, and monitor for suspicious activity until a patch is available.

The SQL Injection vulnerability can allow attackers to execute arbitrary SQL commands on the backend database, potentially leading to unauthorized data disclosure, data modification, or denial of service. Confidentiality is impacted as sensitive information stored in the database could be extracted. Integrity is compromised since attackers might alter or delete data, affecting system reliability. Availability could be affected if attackers execute commands that disrupt database operations or crash the application. Given the vulnerability requires no authentication and no user interaction, it can be exploited remotely by any attacker with network access to the affected endpoint. This increases the risk of automated scanning and exploitation attempts. Organizations relying on netentsec NS-ASG 6.3 for network security or administrative functions may face operational disruptions and data breaches, impacting trust and compliance. The lack of known exploits in the wild currently reduces immediate risk but does not eliminate future exploitation possibilities.

1. Immediately restrict network access to the /admin/config_ISCGroupTimePolicy.php endpoint using firewall rules or network segmentation to limit exposure to trusted administrators only. 2. Implement Web Application Firewall (WAF) rules to detect and block SQL Injection payloads targeting this endpoint. 3. Conduct thorough input validation and sanitization on all parameters accepted by the vulnerable script, employing parameterized queries or prepared statements to prevent injection. 4. Monitor application and database logs for unusual queries or error messages indicative of injection attempts. 5. Engage with netentsec support or vendor channels to obtain official patches or updates addressing this vulnerability as soon as they become available. 6. Perform regular security assessments and penetration tests focusing on administrative interfaces to identify similar vulnerabilities. 7. Educate administrators on secure configuration and access controls to minimize risk exposure. 8. Consider deploying database activity monitoring solutions to detect anomalous SQL commands in real time.