Critical SQL Injection Exploit in URL Paths: Bounty Report

Exposing Critical Vulnerabilities: How a Simple SQL Injection Can Compromise Entire Databases

Introduction

A recent security report exposed a critical SQL Injection (SQLi) vulnerability within the URL path of an MTN Group web application. This vulnerability, discovered by security researcher @almuntadhar, could potentially allow attackers to gain unauthorized access to sensitive database information. Let’s break down the vulnerability, its impact, and how attackers can exploit such flaws.

Vulnerability Overview

• Vulnerability Type: SQL Injection in URL Paths
• Severity: Critical (9.0–10)
• Reported On: January 26, 2025
• Disclosed On: March 6, 2025
• Affected Platform: MTN Group
• Weakness Category: Improper Input Validation (SQL Injection)

Details of the Vulnerability

The vulnerability was found in the customerId parameter within the following URL path:

https://seesure.admyntec.co.za/customerInsurance/newCustomerStep5Pending/customerId/732562/contactPersonId/0/msisdn/