FeMiner wms, SQL Injection, CVE-2025-25992 (Critical)

How the CVE Works

CVE-2025-25992 describes an SQL injection flaw in FeMiner wms 1.0 in the `inquire_inout_item.php` component. Attackers craft malicious SQL via unsanitized input parameters, gaining unauthorized database access. The vulnerability stems from improper input validation, enabling execution of arbitrary SQL commands, which can lead to data leakage, including sensitive records. The attack vector is network-based, requires no authentication, and can be exploited remotely. The component builds queries from user-supplied data without prepared statements or proper escaping, making it susceptible to injection. Successful exploitation may expose inventory details, user credentials, and system configurations.

DailyCVE Form

Platform: FeMiner wms
Version: 1.0
Vulnerability: SQL Injection
Severity: Critical
Date: 05/02/2025

What Undercode Says:

Exploitation

1. Identify vulnerable endpoint:

curl -X GET "http://target.com/inquire_inout_item.php?param=1"

2. Test for SQLi:

curl -X GET "http://target.com/inquire_inout_item.php?param=1'"

3. Extract data:

' UNION SELECT 1,user(),3,4-- -

Protection

1. Input sanitization:

$param = mysqli_real_escape_string($conn, $_GET['param']);

2. Prepared statements:

$id = (int) $_GET['param'];
$stmt = $conn->prepare("SELECT * FROM items WHERE id=?");
$stmt->bind_param("i", $id);
$stmt->execute();

3. WAF rules:

location ~ inquire_inout_item.php {
deny all;
}
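The following is an added illustration of why step 2 (prepared statements) is the fix that matters; it is not code from FeMiner wms or from this write-up. The real component is PHP with mysqli, so Python's sqlite3 stands in here as a language-independent demonstration: a constructed four-column inventory table, a handler that splices the request parameter into the SQL text (the pattern the advisory describes), and a handler that binds it as a parameter. Both are fed the benign request, the `1'` probe from the exploitation steps, and the page's UNION payload with MySQL's `user()` swapped for SQLite's `sqlite_version()`, since that is the only dialect change the demo database needs.

```python
import sqlite3

# Constructed stand-in for the WMS inventory table queried by inquire_inout_item.php.
# Four columns, so the four-column UNION probe from the advisory lines up with it.
def make_inventory_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER, name TEXT, qty INTEGER, location TEXT)")
    conn.executemany("INSERT INTO items VALUES (?, ?, ?, ?)",
                     [(1, "bolt M6", 100, "A1"), (2, "nut M6", 250, "A2")])
    return conn

def inquire_vulnerable(conn, param):
    """The 'before' pattern: the request parameter is spliced into the SQL text."""
    sql = "SELECT * FROM items WHERE id='" + param + "'"
    return conn.execute(sql).fetchall()

def inquire_hardened(conn, param):
    """The 'after' pattern: a prepared statement; the parameter is only ever data."""
    sql = "SELECT * FROM items WHERE id=?"
    return conn.execute(sql, (param,)).fetchall()

def run_comparison():
    """Run the benign request and the two probes from the advisory through both handlers."""
    conn = make_inventory_db()
    # sqlite_version() stands in for MySQL's user() in the page's UNION payload (assumption).
    union_probe = "' UNION SELECT 1,sqlite_version(),3,4-- -"
    results = {"sqlite_version": sqlite3.sqlite_version}
    results["benign_vulnerable"] = inquire_vulnerable(conn, "1")
    results["benign_hardened"] = inquire_hardened(conn, "1")
    try:
        inquire_vulnerable(conn, "1'")
        results["quote_vulnerable"] = "no error"
    except sqlite3.OperationalError:
        # The unterminated string literal is the tell-tale from step 2 of the write-up.
        results["quote_vulnerable"] = "syntax error"
    results["quote_hardened"] = inquire_hardened(conn, "1'")
    # Vulnerable handler: the UNION row (with the server version) comes back as if it were stock.
    results["union_vulnerable"] = inquire_vulnerable(conn, union_probe)
    # Hardened handler: the whole payload is compared against id as one string and matches nothing.
    results["union_hardened"] = inquire_hardened(conn, union_probe)
    return results

if __name__ == "__main__":
    for key, value in run_comparison().items():
        print(f"{key:18} -> {value}")
```

The bound version returns the same row for the legitimate id and an empty result for both probes; the escaping approach in step 1 only helps when the value sits inside quotes, which is why the prepared statement (with the integer cast from step 2) is the durable fix.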

Detection

1. Log monitoring:

grep "inquire_inout_item.php" /var/log/apache2/access.log | grep -E "UNION|SELECT"

2. SQLi scanning:

sqlmap -u "http://target.com/inquire_inout_item.php?param=1" --risk=3
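The grep in step 1 is case-sensitive and looks at the raw request line, so a lowercase or URL-encoded `union` slips past it. Below is an added example (not part of the original write-up or of FeMiner wms) that scans Apache combined-format access log lines for requests to `inquire_inout_item.php`, URL-decodes the query string, and flags either SQL tokens in the decoded query or a non-numeric `param` value. The log lines are constructed for the demo, with placeholder addresses; the parameter name `param` is the one used in this write-up.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed Apache combined-log lines for the demo; addresses and timestamps are placeholders.
SAMPLE_LOG = """\
10.0.0.5 - - [05/Feb/2025:10:01:02 +0000] "GET /inquire_inout_item.php?param=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [05/Feb/2025:10:01:07 +0000] "GET /inquire_inout_item.php?param=1%27 HTTP/1.1" 500 233 "-" "Mozilla/5.0"
10.0.0.5 - - [05/Feb/2025:10:01:15 +0000] "GET /inquire_inout_item.php?param=1%27%20union%20select%201%2Cuser()%2C3%2C4--%20- HTTP/1.1" 200 845 "-" "curl/8.4.0"
10.0.0.9 - - [05/Feb/2025:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 1200 "-" "Mozilla/5.0"
"""

# Request line inside the quotes of a combined-format entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# SQL keywords and comment markers that have no business in an inventory lookup.
SQLI_RE = re.compile(r"\b(union|select|sleep|benchmark|information_schema)\b|--|/\*",
                     re.IGNORECASE)

def scan_access_log(log_text, endpoint="inquire_inout_item.php"):
    """Return (line_no, decoded_query, reason) for endpoint requests that look like SQLi probes."""
    hits = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        if not parts.path.endswith(endpoint):
            continue
        decoded = unquote_plus(parts.query)   # decode before matching, unlike a raw grep
        reasons = []
        token = SQLI_RE.search(decoded)
        if token:
            reasons.append("sql token %r" % token.group(0))
        # The endpoint expects an integer id, so anything else in 'param' is worth a look.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if name == "param" and not value.isdigit():
                reasons.append("non-numeric param %r" % value)
        if reasons:
            hits.append((line_no, decoded, "; ".join(reasons)))
    return hits

if __name__ == "__main__":
    for line_no, query, reason in scan_access_log(SAMPLE_LOG):
        print(f"line {line_no}: {reason}  [{query}]")
```

Run against a real log with `scan_access_log(open("/var/log/apache2/access.log").read())`; the benign lookup and the unrelated `index.php` request are left alone, the quote probe is caught by the numeric check alone, and the UNION request trips both checks.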

Mitigation

1. Patch: Disable vulnerable component.

2. Database hardening:

REVOKE ALL PRIVILEGES ON *.* FROM 'wms_user'@'%';

3. Network restrictions:

iptables -A INPUT -p tcp --dport 80 -s trusted_ip -j ACCEPT

Analytics

  • Attack surface: Remote, low complexity.
  • Impact: Confidentiality compromise.
  • Exploitability: No auth required.
  • CVSS 4.0: 9.8 (Critical).
  • Affected systems: FeMiner wms 1.0.

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode
