CVE-2026-4287
Received Received - Intake
SQL Injection in Tiandy Easy7 Endpoint Enables Remote Exploitation

Publication date: 2026-03-17

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in Tiandy Easy7 Integrated Management Platform 7.17.0. The affected element is an unknown function of the file /rest/devStatus/queryResources of the component Endpoint. Performing a manipulation of the argument areaId results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-17
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2026-03-17
EPSS Evaluated
2026-05-05
NVD
CVE-2026-4287
EUVD
EUVD-2026-12529
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tiandy easy7_integrated_management_platform 7.17.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2026-4287 is a critical SQL injection vulnerability found in Tiandy Easy7 Integrated Management Platform version 7.17.0. The flaw exists in the REST API endpoint /rest/devStatus/queryResources due to improper sanitization of the areaId parameter.

This vulnerability allows a remote, unauthenticated attacker to inject malicious SQL code, enabling them to execute arbitrary SQL commands on the backend database.

Exploitation requires no user interaction and can lead to bypassing security controls, potentially compromising the confidentiality, integrity, and availability of the system.


How can this vulnerability impact me? :

Exploiting this vulnerability can have severe impacts including full extraction of sensitive database contents, unauthorized modification of data, and complete compromise of the system’s confidentiality, integrity, and availability.

Since the attack can be performed remotely without authentication, it poses a high risk of unauthorized access and control over the affected system.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:

I don't know


How can this vulnerability be detected on my network or system? Can you suggest some commands?

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by monitoring and testing the REST API endpoint `/rest/devStatus/queryResources` for SQL injection attempts, specifically targeting the `areaId` parameter.'}, {'type': 'paragraph', 'content': 'Since the vulnerability allows Boolean-based blind SQL injection remotely without authentication, detection can involve sending crafted HTTP requests with malicious payloads in the `areaId` parameter and observing the responses for anomalies or differences indicating SQL injection.'}, {'type': 'paragraph', 'content': 'Example commands using curl to test the vulnerability might include:'}, {'type': 'list_item', 'content': "curl -X GET 'http://<target>/rest/devStatus/queryResources?areaId=1' -v"}, {'type': 'list_item', 'content': "curl -X GET 'http://<target>/rest/devStatus/queryResources?areaId=1%20AND%201=1' -v"}, {'type': 'list_item', 'content': "curl -X GET 'http://<target>/rest/devStatus/queryResources?areaId=1%20AND%201=2' -v"}, {'type': 'paragraph', 'content': 'Differences in the responses between the last two requests may indicate the presence of SQL injection.'}] [1, 2]


What immediate steps should I take to mitigate this vulnerability?

There are no known patches or fixes available from the vendor for this vulnerability.

Immediate mitigation steps include:

  • Restrict access to the vulnerable endpoint `/rest/devStatus/queryResources` by implementing network-level controls such as firewalls or access control lists to limit exposure.
  • Monitor and block suspicious requests that manipulate the `areaId` parameter with potentially malicious input.
  • Consider deploying Web Application Firewalls (WAFs) with rules to detect and block SQL injection attempts targeting this endpoint.
  • Evaluate replacing the affected Tiandy Easy7 Integrated Management Platform 7.17.0 with an alternative solution that is not vulnerable.

Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart