CVE-2025-4568
BaseFortify
Publication date: 2025-06-05
Last updated on: 2025-06-05
Assigner: CERT.PL
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-4568 is a vulnerability in the 2ClickPortal software (versions prior to 7.14.3) where improper sanitization of user input in the 'changes__reference_id' URL parameter allows unauthorized users to perform boolean-based Blind SQL Injection attacks. This means attackers can inject malicious SQL code to manipulate database queries without direct feedback, potentially compromising the database's integrity and confidentiality. [1]
How can this vulnerability impact me? :
This vulnerability can allow attackers to manipulate the database by injecting malicious SQL commands, which may lead to unauthorized access, data leakage, data corruption, or loss of data integrity and confidentiality. Since it is a high-severity issue (CVSS 9.3), it poses a significant risk to the affected system's security. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can negatively impact compliance with standards like GDPR and HIPAA because it risks unauthorized access to sensitive personal or health data stored in the database. Exploitation could lead to data breaches, violating data protection requirements and potentially resulting in legal and financial penalties. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves testing the `changes__reference_id` parameter in the URL for boolean-based Blind SQL Injection. You can use tools like sqlmap or manual curl commands to inject payloads and observe responses. For example, using curl: curl 'http://targetsite.com/path?changes__reference_id=1 AND 1=1' and curl 'http://targetsite.com/path?changes__reference_id=1 AND 1=2' to compare responses. Differences in responses may indicate vulnerability. Automated scanners that test for SQL Injection on URL parameters can also be used. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the 2ClickPortal software to version 7.14.3 or later, where this vulnerability has been fixed. Until the upgrade can be applied, restrict access to the affected parameter if possible, implement web application firewall (WAF) rules to block suspicious input patterns targeting the `changes__reference_id` parameter, and monitor logs for exploitation attempts. [1]