Researchers at Huntress Labs discovered a recent ransomware incident that began with exploitation of CVE-2021-42258, an SQL injection vulnerability in the login page of the BQE BillQuick Web Suite. CVE-2021-42258 was successfully exploited to gain access to the network of an engineering company using BQE’s solution and to deploy ransomware on it. The vulnerability allows remote code execution (RCE) on the on-premise Windows servers running this application. The vulnerabilities tracked by Huntress Labs that affect the BillQuick Web Suite include CVE-2021-42258, 42344 through 42346, 44571 through 42573, and 42741 and 42742.