CVE-2024-45876 identifies a SQL injection vulnerability in the baltic-it TOPqw Webportal version 1.35.283.2, specifically in the login form located at /Apps/TOPqw/Login.aspx. The vulnerability arises from insufficient sanitization of the POST parameter txtUsername, which is used directly in SQL queries. This flaw allows an unauthenticated attacker to inject malicious SQL code, potentially manipulating the backend database queries. The vulnerability does not require any privileges or user interaction, making it remotely exploitable over the network. The impact primarily affects confidentiality and integrity, enabling attackers to read or alter sensitive data stored in the database. However, availability is not impacted by this vulnerability. The vendor addressed this issue in version 1.35.283.4, but no public exploit code or active exploitation has been reported to date. The vulnerability is classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command). The CVSS v3.1 base score is 6.5, reflecting a medium severity with network attack vector, low attack complexity, no privileges required, no user interaction, and partial impact on confidentiality and integrity.

The potential impact of CVE-2024-45876 on organizations worldwide includes unauthorized access to sensitive user credentials or other confidential data stored within the TOPqw Webportal database. Attackers could manipulate SQL queries to bypass authentication, extract user data, or alter stored information, leading to data breaches or integrity violations. Although availability is not affected, the compromise of confidentiality and integrity can result in reputational damage, regulatory penalties, and operational disruptions. Organizations relying on the affected version of the TOPqw Webportal, especially those handling sensitive or regulated data, face increased risk. The absence of known exploits reduces immediate threat but does not eliminate the risk of future exploitation. Attackers could leverage this vulnerability as an entry point for further lateral movement or privilege escalation within the network.

To mitigate CVE-2024-45876, organizations should immediately upgrade the baltic-it TOPqw Webportal to version 1.35.283.4 or later, where the vulnerability has been fixed. In addition to patching, implement strict input validation and parameterized queries or prepared statements to prevent SQL injection in all web application inputs. Employ web application firewalls (WAFs) configured to detect and block SQL injection attempts targeting the txtUsername parameter. Conduct regular security assessments and code reviews focusing on input handling and database query construction. Monitor application logs for unusual login attempts or suspicious query patterns indicative of injection attempts. Limit database user privileges to the minimum necessary to reduce potential damage from successful injection. Finally, educate development teams on secure coding practices to prevent similar vulnerabilities in future releases.