An unauthenticated SQL injection vulnerability in Metacat allows attackers to gain complete control over the application's database.

The /harvesterRegistration endpoint fails to properly escape input parameters, allowing an unauthenticated attacker to perform SQL injection via string concatenation. This allows for stacked queries, granting full access to the PostgreSQL database.

With a CVSS score of 9.8, this vulnerability represents a total loss of data confidentiality and integrity. An attacker can exfiltrate sensitive research data, modify repository contents, or execute system-level commands within the database context, causing massive disruption to research activities.

Immediate Action: Upgrade Metacat to version 3.0.0 or later to resolve the SQL injection flaw.

Proactive Monitoring: Review database logs for suspicious query patterns or unexpected attempts to access system-level tables.

Compensating Controls: Use a WAF with SQL injection protection rules to filter malicious input at the /harvesterRegistration endpoint.

Public Exploit Available: Unknown

SQL injection is a well-understood but devastating attack vector. Given the full access granted by this flaw, administrators must upgrade to version 3.0.0 immediately to secure the repository and its underlying data.