
CVE-2024-52874: n/a in n/a

High
Published: Thu May 22 2025 (05/22/2025, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.

AI-Powered Analysis

Last updated: 07/08/2025, 04:13:17 UTC

Technical Analysis

CVE-2024-52874 is a high-severity SQL injection vulnerability affecting Infoblox NETMRI versions prior to 7.6.1. NETMRI is a network automation and management platform widely used for network device discovery, configuration management, and compliance monitoring. The vulnerability allows an authenticated user with low privileges (PR:L) to perform SQL injection attacks due to improper input sanitization in the application. Exploiting this flaw requires network access and valid credentials but does not require user interaction beyond authentication. The CVSS 3.1 base score of 8.8 reflects the impact on confidentiality, integrity, and availability, all three of which are rated High. An attacker exploiting this vulnerability can execute arbitrary SQL commands on the backend database, potentially leading to unauthorized data disclosure, data modification or deletion, and disruption of network management operations. Since NETMRI is a critical tool for network infrastructure management, compromise could cascade into broader network outages or manipulation of network device configurations. No public exploits have been reported yet, and no official patches are linked in the provided data, but the vulnerability is publicly disclosed and should be addressed promptly.

Potential Impact

For European organizations, the impact of this vulnerability can be significant, especially for enterprises, service providers, and government agencies relying on Infoblox NETMRI for network management. Successful exploitation could lead to exposure of sensitive network topology and configuration data, enabling further lateral movement or targeted attacks. Integrity breaches could result in unauthorized changes to network device configurations, potentially causing outages or security policy violations. Availability impacts could disrupt network monitoring and automation workflows, delaying incident response and increasing operational risk. Given the critical role of network infrastructure in sectors such as finance, telecommunications, energy, and public administration across Europe, this vulnerability poses a substantial risk to operational continuity and data security.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should immediately verify their NETMRI version and upgrade to version 7.6.1 or later, where the issue is resolved. Until the upgrade is applied, organizations should restrict NETMRI access strictly to trusted administrators and enforce strong authentication controls, including multi-factor authentication. Network segmentation should be applied to isolate NETMRI servers from general user networks. Monitoring and logging of database queries and application logs should be enhanced to detect anomalous SQL activity. Organizations should also conduct a thorough review of user privileges within NETMRI to ensure the principle of least privilege is enforced, and prepare incident response plans specific to potential exploitation scenarios involving network management systems.

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2024-11-17T00:00:00.000Z
CISA Enriched: false
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682f5d2a0acd01a249264044

Added to database: 5/22/2025, 5:21:46 PM

Last enriched: 7/8/2025, 4:13:17 AM

Last updated: 8/15/2025, 2:04:56 AM
