PatchSiren cyber security CVE debrief

CVE-2022-3792 GullsEye CVE debrief

A critical SQL injection vulnerability in GullsEye Terminal Operating System (TOS) allows unauthenticated remote attackers to execute arbitrary SQL commands. The vulnerability, rated CVSS 9.8, affects versions prior to 5.0.13. Multiple third-party security advisories from Turkish government sources (USOM and Cybersecurity Directorate) confirm active exploitation with publicly available proof-of-concept code. The flaw resides in improper neutralization of special elements in SQL commands (CWE-89), enabling complete database compromise without authentication. Organizations operating maritime or logistics terminals using GullsEye TOS should prioritize patching to version 5.0.13 or later and implement network segmentation for critical terminal infrastructure.

Vendor: GullsEye
Product: GullsEye terminal operating system
CVSS: CRITICAL 9.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2023-01-10
Original CVE updated: 2026-05-20
Advisory published: 2023-01-10
Advisory updated: 2026-05-20

Who should care

Maritime terminal operators, port authorities, logistics companies, container shipping lines, supply chain security teams, critical infrastructure defenders, and organizations using GullsEye Terminal Operating System for cargo management and vessel operations

Technical summary

The GullsEye Terminal Operating System contains an unauthenticated SQL injection vulnerability (CWE-89) in its web-facing components. The application fails to properly sanitize user-supplied input before constructing SQL queries, allowing attackers to inject malicious SQL syntax. With network access to the TOS interface, attackers can bypass authentication, extract sensitive terminal operational data, modify container/shipment records, and potentially achieve operating system command execution through database server functions. The CVSS 9.8 rating reflects the unauthenticated network attack vector with low complexity and high impact across confidentiality, integrity, and availability. Terminal operating systems manage critical port and logistics operations, making this vulnerability particularly significant for supply chain security.

Defensive priority

critical

Recommended defensive actions

Upgrade GullsEye Terminal Operating System to version 5.0.13 or later immediately
Restrict network access to GullsEye TOS administrative interfaces to authorized terminal operators only
Deploy web application firewall (WAF) rules to detect and block SQL injection patterns targeting terminal operating system endpoints
Conduct database integrity verification and audit logs for unauthorized access indicators prior to patch deployment
Segment terminal operating system networks from corporate IT and internet-facing infrastructure
Review and rotate database credentials if compromise is suspected
Monitor for anomalous database queries or unexpected data exports from terminal management systems

Evidence notes

CVE published 2023-01-10; modified 2026-05-20. Multiple Turkish government security bulletins (TR-22-0747-2) confirm vulnerability with exploit availability. CPE confirms affected versions: all versions before 5.0.13. CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Official resources

CVE-2022-3792 CVE record
CVE.org
CVE-2022-3792 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Exploit, Third Party Advisory

2023-01-10