CVE-2020-9465: 
EyesOfNetwork vulnerability analysis and mitigation

An SQL injection vulnerability was discovered in EyesOfNetwork eonweb versions 5.1 through 5.3 before 5.3-3 (CVE-2020-9465). The vulnerability exists in the eonweb web interface, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie (CVE Details, MITRE).

The vulnerability exists in the file eonweb/include/classes/Translator.class.php where user input from the cookie user_id is not properly sanitized before being used in SQL queries. The injection is possible on pages like index.php, login.php and logout.php without requiring prior authentication. An example of exploitation involves using SQL UNION queries with the sleep function: 'Cookie: user_id=1' union select sleep(3) --' (GitHub Issue).

The successful exploitation of this SQL injection vulnerability can allow attackers to obtain administrative access to the application through techniques such as retrieving admin session IDs or dumping the users table (GitHub Issue).

The vulnerability was patched in EyesOfNetwork eonweb version 5.3-3. Users are advised to upgrade to this version or later to address the SQL injection vulnerability (GitHub Release).