Tag
Anyquery Server-Side Request Forgery via Unrestricted SQLite Virtual Table Modules
3 rules 4 TTPsUnauthenticated attackers can exploit a Server-Side Request Forgery (SSRF) vulnerability (CVE-2026-54628) in Anyquery's `server` mode (versions prior to 0.4.5) by creating SQLite virtual tables that fetch internal network resources or cloud metadata, leading to internal network mapping and exfiltration of sensitive information like cloud credentials.
Anyquery Arbitrary File Write (AFW) Leads to Remote Code Execution (RCE)
3 rules 4 TTPsAnyquery in server mode is vulnerable to arbitrary file write (AFW) due to its failure to restrict native SQLite disk manipulation commands like `ATTACH DATABASE`. Unauthenticated attackers can connect to the MySQL-compatible server port and write arbitrary files (e.g., PHP webshells, malicious cronjobs) to any path writable by the Anyquery process, which can lead to remote code execution (RCE) with the privileges of the Anyquery process, significantly impacting system integrity and availability.