14 DAY TRIAL // Last year in November, Vulnerability Lab experts identified a dangerous SQL Injection vulnerability on the public website owned by the Chinese Ministry of Commerce. Yesterday, on April 30, the researchers confirmed that the security hole has been addressed.
It’s probably not news to anyone that Chinese government websites are full of flaws that allow hackers, hacktivists in particular, to breach and deface them.
However, it seems that the large number of attacks they were confronted with have made Chinese authorities put some more effort into securing their public-facing sites.
If unaddressed, this particular SQL Injection flaw could have allowed an attacker to remotely execute his own SQL commands and take over the site's database management system.
The weakness, cataloged as being critical, was found by Vulnerability Lab researcher Chokri Ben Achor and was fixed in collaboration with China’s National Vulnerability Database for Information Security.